Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Earn a 50% discount on the DP-600 certification exam by completing the Fabric 30 Days to Learn It challenge.

Reply
prateekraina
Memorable Member
Memorable Member

Error: No 'Access-Control-Allow-Origin' header is present on the requested resource

‎02-01-2018 08:47 PM

Hi Guys,

I am trying to get the access token in order to embed the Power BI report. When i fetch the token using AcquireTokenAsync in C# application it works fine. But when i try to get the access token in my javascript code it throws below error:

"Failed to load https://login.microsoftonline.com/common/oauth2/token: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:65159' is therefore not allowed access."

 

Can anyone kindly guide me on how to workaround this error in order to obtain access token in Javascript.

 

Prateek Raina

Labels:
Message 1 of 2
415,167 Views
0
1 ACCEPTED SOLUTION
v-ljerr-msft
Employee
Employee

‎02-04-2018 11:26 PM

Hi @prateekraina,

 

Based on my research, it should be a CORS problem. Here is a similar thread in which some workaround are mentioned. Could your go to check if it works in your scenario? Smiley Happy

This is not a fix for production or when application has to be shown to the client, this is only helpful when UI and Backend development are on different servers and in production they are actually on same server. For example: While developing UI for any application if there is a need to test it locally pointing it to backend server, in that scenario this is the perfect fix. For production fix, CORS headers has to be added to the backend server to allow cross origin access.

The easy way is to just add the extension in google chrome to allow access using CORS.

(https://chrome.google.com/webstore/detail/allow-control-allow-origi/nlfbmbojpeacfghkpbjhddihlkkiljbi...)

Just enable this extension whenever you want allow access to no 'access-control-allow-origin'header request.

Or

In Windows, paste this command in run window

chrome.exe --user-data-dir="C:/Chrome dev session" --disable-web-security

this will open a new chrome browser which allow access to no 'access-control-allow-origin'header request


 

Regards

View solution in original post

Message 2 of 2
584,444 Views
1 REPLY 1
v-ljerr-msft
Employee
Employee

‎02-04-2018 11:26 PM

Hi @prateekraina,

 

Based on my research, it should be a CORS problem. Here is a similar thread in which some workaround are mentioned. Could your go to check if it works in your scenario? Smiley Happy

This is not a fix for production or when application has to be shown to the client, this is only helpful when UI and Backend development are on different servers and in production they are actually on same server. For example: While developing UI for any application if there is a need to test it locally pointing it to backend server, in that scenario this is the perfect fix. For production fix, CORS headers has to be added to the backend server to allow cross origin access.

The easy way is to just add the extension in google chrome to allow access using CORS.

(https://chrome.google.com/webstore/detail/allow-control-allow-origi/nlfbmbojpeacfghkpbjhddihlkkiljbi...)

Just enable this extension whenever you want allow access to no 'access-control-allow-origin'header request.

Or

In Windows, paste this command in run window

chrome.exe --user-data-dir="C:/Chrome dev session" --disable-web-security

this will open a new chrome browser which allow access to no 'access-control-allow-origin'header request


 

Regards

Message 2 of 2
584,445 Views

Helpful resources

Announcements
RTI Forums Carousel3

New forum boards available in Real-Time Intelligence.

Ask questions in Eventhouse and KQL, Eventstream, and Reflex.

LearnSurvey

Fabric certifications survey

Certification feedback opportunity for the community.

View All