X-AUTH-TOKEN returns null even though it is present in header

Question

I am using angular JS to login to my app. On the server, it returns a X-AUTH-TOKEN. When I do a JSON request. The header response looks like this...

Pragma: no-cache
Date: Thu, 19 Nov 2015 12:44:05 GMT
X-Content-Type-Options: nosniff
Server: Apache-Coyote/1.1
X-Frame-Options: DENY
Access-Control-Max-Age: 3600
Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE
Access-Control-Allow-Origin: chrome-extension://gmodihnfibbjdecbanmpmbmeffnmloel
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
X-AUTH-TOKEN: eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJiaWxseWpvZSJ9.le0y_pOfQAyLJO4IJ4ZjQQqgqgiN2xtpLAzORawoDm4O4euHFh32LtjMrBUTkr8G2LeY_2bALe_rcm3LY_NlSg
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type, Accept, X-Requested-With, remember-me
Content-Length: 88
X-XSS-Protection: 1; mode=block
Expires: 0

As you can see. X-AUTH-TOKEN is present. But when I try to retrieve it and save it to local storage...

  $http.post(loginUrl)
  .success(function(data, status,headers) {
    $scope.hello = data;
    var TOKEN = headers("X-AUTH-TOKEN");
    window.localStorage['X-AUTH-TOKEN-TRIVIA'] = headers("X-AUTH-TOKEN");
  })

It always returns NULL. Why is it not retrieving the token if its clearly in the header ?

I have also used single quotes.

  $http.post(loginUrl)
  .success(function(data, status,headers) {
    $scope.hello = data;
    var TOKEN = headers('X-AUTH-TOKEN');
    window.localStorage['X-AUTH-TOKEN-TRIVIA'] = headers('X-AUTH-TOKEN');
  })

Answer 1

Figured it out... Thanks to another post

Angular.js saying custom HTTP response header is null

The problem is server side. You must add Access-Control-Expose-Headers: X-Auth-Token

In my case using Spring Boot or Spring. You probably would have to add this in your CorsFilter

response.setHeader("Access-Control-Expose-Headers", "X-Auth-Token");