Authorization policy is breaking preflight check in APIMAN

Question

I have 2 policies on my API (+1 for cors), first is keycloakOauthPolicy and the second is AuthorizationPolicy.

When I make some preflight request (then with verb OPTIONS and without any token in the header), I get that error from AuthorizationPolicy :

No roles have been extracted during authentication. Make sure the >authorization policy comes after a compatible authentication policy in >your configuration

What am I doing wrong?

score 0 · Accepted Answer · answered Oct 04 '18 at 15:05

0

My bad, I had a plan with another policy (keycloak authentication) which was also taking in charge or at least breaking the flow, then CORS policy (which is filtering preflight request) wasn't working properly.

answered Oct 04 '18 at 15:05

maxence smets

1
3

Authorization policy is breaking preflight check in APIMAN

1 Answers1