SATOSA icon indicating copy to clipboard operation
SATOSA copied to clipboard

Allow configuring of CORS allow origin headers

Open indy-independence opened this issue 1 year ago • 1 comments

Code Version

running satosa in docker, with SATOSA oidcop frontend

Expected Behavior

Have a way to configure CORS allowed origins, for example in keycloak they seem to call it "Web Origins" and it's configured per client

Current Behavior

When making requests to for example openid-configuration or userinfo endpoint from a react SPA, requests are blocked because there is no Access-Control-Allow-Origin headers in the response, and I can't find a way to configure this in satosa

Possible Solution

New configurations and/or documentation?

Steps to Reproduce

indy-independence avatar Feb 19 '24 13:02 indy-independence