User authentication with CORS and headers?
See original GitHub issueI’m trying to connect to a privat channel here. My API, which also handles the authorization for the private channels as descripbed in the docs, lives under a different domain (api.example.com) while the frontend lives under example.com.
The API authorizes requests using JWT, so each request to the API needs to have an Authorization
header. The problem is: if I’m using authTransport: jsonp
to make CORS work, I get the console message Warn : To send headers with the auth request, you must use AJAX, rather than JSONP.
If I use the authTransport: ajax
setting, I should be able to send the headers, but authorization fails due to this transport not supporting CORS.
Is there a way to get around this limitations?
Issue Analytics
- State:
- Created 7 years ago
- Comments:5 (1 by maintainers)
Top Results From Across the Web
Which CORS headers do you need to send an Authorization ...
The Authorization HTTP header provides authentication information on a request. There are several types of authentication that use this ...
Read more >Cross-Origin Resource Sharing (CORS) - MDN Web Docs
Cross-Origin Resource Sharing (CORS) is an HTTP-header based mechanism that allows a server to indicate any origins (domain, scheme, ...
Read more >How do I send a CORS request with Credentials? - ReqBin
To send a CORS request with credentials, you must provide an Origin request HTTP header and an authorization cookie. CORS (Cross-Origin Resource ...
Read more >How to Authenticate Users and Implement CORS in Node.js ...
CORS is an HTTP header-based system that allows a server to specify any other origins (domain, scheme, or port) from which a browser...
Read more >CORS and the Access-Control-Allow-Origin response header
The CORS specification identifies a collection of protocol headers of which Access-Control-Allow-Origin is the most significant. This header is returned by a ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
I have the same exact issue right now. Is there a way to overcome this limitation yet? I see that this feature request is more than 2 years old.
I didn’t find the right answer