Cross-origin token redemption is permitted only for the 'Single-Page Application' client-type

Core Library

MSAL.js v2 (@azure/msal-browser)

Core Library Version

2.28.2

Wrapper Library

MSAL React (@azure/msal-react)

Wrapper Library Version

1.4.6

Public or Confidential Client?

Confidential

Description

Hi guys, I’m getting this error while trying to login with ‘popup’ interaction.

Cross-origin token redemption is permitted only for the ‘Single-Page Application’ client-type. Request origin: ‘http://localhost:3000’.

Is there a way I can pass an extra property request origin to the request?

MSAL Configuration

import { LogLevel } from "@azure/msal-browser";

export const b2cPolicies = {
    names: {
        signUpSignIn: "B2C_1_SISOPolicy",
        editProfile: "B2C_1_ProfileEditPolicy"
    },
    authorities: {
        signUpSignIn: {
            authority: "https://login.microsoftonline.com/tfp/msidlabb2c.onmicrosoft.com/B2C_1_SISOPolicy"
        },
        editProfile: {
            authority: "https://login.microsoftonline.com/tfp/msidlabb2c.onmicrosoft.com/B2C_1_ProfileEditPolicy"
        }
    },
    authorityDomain: "login.microsoftonline.com"
}

// Config object to be passed to Msal on creation
export const msalConfig = {
    auth: {
        clientId: process.env.REACT_APP_AZURE_CLIENT_ID,
        authority: b2cPolicies.authorities.signUpSignIn.authority,
        knownAuthorities: [b2cPolicies.authorityDomain],
        redirectUri: process.env.REACT_APP_AZURE_REDIRECT_URI,
        postLogoutRedirectUri: process.env.REACT_APP_AZURE_POSTLOGOUT_REDIRECT_URI
    },
    cache: {
        cacheLocation: "localStorage",
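        // isIE, isEdge and isFirefox are browser-detection flags defined elsewhere in the app (not shown in the issue)
        storeAuthStateInCookie: isIE || isEdge || isFirefox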
    },
    system: {
        loggerOptions: {
            // Skip messages flagged as containing PII; route the rest by log level
            loggerCallback: (level, message, containsPii) => {
                if (containsPii) {
                    return;
                }
                switch (level) {
                    case LogLevel.Error:
                        console.error(message);
                        return;
                    case LogLevel.Info:
                        console.info(message);
                        return;
                    case LogLevel.Verbose:
                        console.debug(message);
                        return;
                    case LogLevel.Warning:
                        console.warn(message);
                        return;
                    default:
                        return;
                }
            }
        }
    }
};

Relevant Code Snippets

<MsalProvider instance={msalInstance}>
    <MsalAuthenticationTemplate
        interactionType={InteractionType.Popup}
        authenticationRequest={authRequest}
        errorComponent={ErrorComponent}
        loadingComponent={LoadingComponent}
    >
        <div>Profile Content</div>
    </MsalAuthenticationTemplate>
</MsalProvider>

Identity Provider

Azure AD / MSA

Source

External (Customer)

Issue Analytics

  • State: closed
  • Created a year ago
  • Comments: 7 (5 by maintainers)

Top GitHub Comments

1 reaction
sameerag commented, Sep 14, 2022

@derisen Do we have docs demonstrating this?

@diamantisufi In your app registration, there is a left blade for Authentication:

Once you go to the screen it has an option to Add a platform and you should be able to add the SPA type. Hope this helps.

0 reactions
diamantisufi commented, Sep 27, 2022

@sameerag it solved my issue, thanks!
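
The fix described in the answer above, as an added example that is not part of the original thread or of MSAL's own code: a check of which platform section an app registration lists the MSAL `redirectUri` under, since a browser token request is accepted only when that URI is registered as Single-page application. The registration objects are constructed samples shaped like the Microsoft Graph `application` resource (`web`, `spa`, `publicClient`), the issue does not show the actual registration so placing the URI under `web` is an assumption, and `platformsFor` and `checkBrowserRedemption` are hypothetical helper names.

```javascript
// Constructed sample: redirect URI registered under the "web" platform
// (assumed; the issue does not show the poster's registration).
const registrationBefore = {
  web: { redirectUris: ["http://localhost:3000"] },
  spa: { redirectUris: [] },
  publicClient: { redirectUris: [] },
};

// Constructed sample: the same URI after "Add a platform" with the SPA type.
const registrationAfter = {
  web: { redirectUris: [] },
  spa: { redirectUris: ["http://localhost:3000"] },
  publicClient: { redirectUris: [] },
};

// Return every platform section that lists redirectUri. Exact string match is
// a simplification of the identity provider's own matching rules.
function platformsFor(registration, redirectUri) {
  return ["spa", "web", "publicClient"].filter((platform) =>
    ((registration[platform] || {}).redirectUris || []).includes(redirectUri)
  );
}

// Hypothetical helper: would a token request sent from the browser with
// msalConfig.auth.redirectUri be accepted as a cross-origin redemption?
function checkBrowserRedemption(registration, msalConfig) {
  const redirectUri = msalConfig.auth.redirectUri;
  const platforms = platformsFor(registration, redirectUri);
  if (platforms.includes("spa")) {
    return { ok: true, platforms, reason: "redirect URI is registered as SPA" };
  }
  if (platforms.length === 0) {
    return { ok: false, platforms, reason: "redirect URI is not registered" };
  }
  return {
    ok: false,
    platforms,
    reason: `redirect URI is registered only as ${platforms.join(", ")}; ` +
      "register it under the Single-page application platform instead",
  };
}

// Constructed MSAL-style config carrying only the field the check needs.
const msalConfigSample = { auth: { redirectUri: "http://localhost:3000" } };
console.log(checkBrowserRedemption(registrationBefore, msalConfigSample));
console.log(checkBrowserRedemption(registrationAfter, msalConfigSample));
```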
