Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in

CORS error while external authentication

Mohit Bansal
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
March 1, 2024

In order to communicate to an external api which requires Oauth2 token, I am trying to do an oauth flow but while returning back the authorization code to https://id.atlassian.com/outboundAuth/finish?code= I am getting a CORS error.

In the forge app that i created, below is the manifest.yml:

modules:
macro:
- key: forge-pronnel-hello-world
function: main
title: Forge Pronnel
description: Tests a login with External Auth
function:
- key: main
handler: index.run
providers:
auth:
- pronnelauth
app:
id: ari:cloud:ecosystem::app/1418a354-da0e-421c-a3f9-17939d41bb11
providers:
auth:
- key: pronnelauth
name: Pronnel Auth
scopes:
- pronnel.crm.read
type: oauth2
clientId: 65b15e1edd141d727b2113e2
remotes:
- pronnel-auth
bearerMethod: authorization-header
actions:
authorization:
remote: pronnel-account
path: /oauth/authorize
exchange:
remote: pronnel-auth
path: /token
revokeToken:
remote: pronnel-auth
path: /revoke
retrieveProfile:
remote: pronnel-auth
path: /userInfo
resolvers:
id: sub
displayName: email
remotes:
- key: pronnel-account
baseUrl: https://dev1.pronnel.com
- key: pronnel-auth
baseUrl: https://dev1api.pronnel.com/oauth
permissions:
external:
fetch:
backend:
- 'https://dev1api.pronnel.com/oauth'
- 'https://dev1.pronnel.com'


In the index.tsx frontend file I have used the methods as explained in their documentation.

```
const pronnel = api.asUser().withProvider('pronnelauth', 'pronnel-auth')
if (!await pronnel.hasCredentials()) {
await pronnel.requestCredentials()
}
```


In the browser below are the calls happening:

**Authorization** - returns HTTP 200

https://dev1api.pronnel.com/oauth/authorize?response_type=code&client_id=65b15e1edd141d727b2113e2&redirect_uri=https:%2F%2Fid.atlassian.com%2FoutboundAuth%2Ffinish&state=pronnel&scope=pronnel.crm.read&org_id=5f0d90d6f1ce534225949ee9


**Decision** - return HTTP 302

https://dev1api.pronnel.com/oauth/dialog/authorize/decision?transaction_id=UavPDsRR&response_type=code&client_id=65b15e1edd141d727b2113e2&redirect_uri=https://id.atlassian.com/outboundAuth/finish&state=pronnel&scope=pronnel.crm.read&org_id=5f0d90d6f1ce534225949ee9


After this the flow is redirected to the Redirect URI i.e.

https://id.atlassian.com/outboundAuth/finish?code=*authorizationCode*

and this gives a CORS error.

Can someone help in understanding what could be the issue here? Is there any configuration that is missing?

 

0 answers

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
FREE
PERMISSIONS LEVEL
Site Admin
TAGS
AUG Leaders

Atlassian Community Events