I have a backend with some azure functions, and due to some new frontend using the same backend, I am now having trouble accessing the app due to cors restrictions.
Below are images of the settings in azure.
Code which calls the backend
let test = await this._context.aadTokenProviderFactory.getTokenProvider();
let token = await test.getToken(this.baseUrl, true);
let data = await fetch(`${this.baseUrl}/api/v1.1/search`, {
headers: {
Authorization: `Bearer ${token}`,
'Content-Type': 'application/json',
Accept: 'application/json'
},
method: 'GET',
});
Access to fetch at somename-api.azurewebsites.net/api/v1.1/search/workplaces' from origin 'https://somename.sharepoint.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
My issue is that if I try to call the endpoint (AZURE FUNCTION GET) from the browser I get the cors error pasted above.
However, if I try to access the endpoint on postman (without token) i get a 401, which is as expected, and if I use the token I get a response.
Does anybody have an idea on whats going on? thanks in advance!
