为 Azure Rest webapi 应用程序启用 CORS [英] Enable CORS for Azure Rest webapi application

问题描述

我有一个简单的 jQuery 页面，它调用 azure restful API 来获取 VM 的状态.我遇到了一个问题，它抱怨 跨源资源共享，我找不到为我拥有的 Web 应用程序/API 设置的位置.

I have simple jQuery page that makes calls to azure restful API to get the status of VMs. I'm facing a problem that it's complaining about Cross-Origin Resource Sharing and I can't find where to set that for the Web app/API I have.

我正在使用 客户端凭据授权 来获取令牌https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow

I'm using client credentials grant to get the token https://docs.microsoft.com/en-us/azure/active-directory/develop/v1-oauth2-client-creds-grant-flow

我已经完成了我的测试，当我尝试从 jQuery/JS 进行调用时，我遇到了 CORS 问题.

I have finished my testing and when I tried to do the calls from jQuery/JS I got the CORS problem.

我的设置涉及:在 Azure 门户中，我使用应用程序注册来注册Web 应用程序/API"类型的应用程序，给它一个主页地址这是它所在的地方"，创建了一个密钥.

My setup involved: From Azure portal, I used App registrations to register an app of type "Web app/API", give it a homepage address "this is where it lives", created a key.

使用

POST https://login.microsoftonline.com/<tenant id>/oauth2/token
grant_type=client_credentials
client_id=application id
client_secret=application key
resource=https://management.core.windows.net/

我错过了什么吗?我的搜索不断将我引导到 Azure 托管应用

Am I missing any missing anything? my search keeps leading me to Azure hosted apps

推荐答案

好的，简单来说就是:

1. 添加功能应用(按请求收费)
2. 打开新建的函数应用
3. 在代理中，从右侧列表中选择
4. 给它一个名字，路由模板将是您的新端点 URL，后端 URL 是您的登录端点，例如:https://login.microsoftonline.com//oauth2/token
5. 之后，回到你的函数应用，选择平台功能选项卡，选择 CORS，删除所有这些，然后输入你的应用程序 URL 或只是一个 *

1. Add Function App (charge per request)
2. Open the Newly created function app
3. In Proxies, select that from the right list
4. Give it a name, route template will be your new endpoint URL, backend URL is your login endpoint eg: https://login.microsoftonline.com//oauth2/token
5. After that, back to your function app, select the platform feature tab, Select CORS, delete all of them and enter your application URL or simply a *

您可以对这些更具体，但这足以获得令牌.并且所有其他端点都没有 CORS 问题.

You can be more specific with these, but this is enough to get the token. And all the other endpoint didn't have CORS problem.

祝你好运.

这篇关于为 Azure Rest webapi 应用程序启用 CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！