I'm trying to implement client credentials flow using adal-node in my react app
Code I am trying
var AuthenticationContext = require('adal-node').AuthenticationContext;
const authenticate = (): any =>{
var authorityHostUrl = 'https://login.microsoftonline.com';
var tenant = 'xxxx.onmicrosoft.com';
var authorityUrl = authorityHostUrl + '/' + tenant;
var applicationId = '2sdsdwewe-232jkdksdsdsadfsfdsdf';
var clientSecret = 'sdfer245dwfsfw3rt345r342fwfwefwf';
var resource = 'api://sdfwerwerwrwerwerwrewrwer';
var context = new AuthenticationContext(authorityUrl);
context.acquireTokenWithClientCredentials(resource, applicationId, clientSecret, (err: { stack: string; }, tokenResponse: any)=> {
if (err) {
console.log('well that didn\'t work: ' + err.stack);
} else {
console.log(tokenResponse);
}
});
}
I have running from my local which is http://localhost:3000/
So in Azure active directory app registration for the app, I have added http://localhost:3000/
under web Redirect URIs. Also tried adding that under SPA as well
But when I run this it comes up with CORS error
Access to fetch at 'https://login.microsoftonline.com/xxxx.onmicrosoft.com/oauth2/token?api-version=1.0' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I am missing something here
When I run Chrome as chrome.exe --user-data-dir="C:/Chrome dev session" --disable-web-security
this works and generate valid token