Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Azure Function - Javascript POST Call return 403 #1040

Closed
enti333 opened this issue Nov 17, 2018 · 4 comments
Closed

Azure Function - Javascript POST Call return 403 #1040

enti333 opened this issue Nov 17, 2018 · 4 comments

Comments

@enti333
Copy link

enti333 commented Nov 17, 2018

Hello. I am new in azure functions but I found one little big problem which I am not able to solve. I search the internet but I didn't find any example how to do this...
My scenario is simple:

  1. One azure function which has enabled App Service Authentication
  2. Login with AAD.
  3. My JS method which is called from SharePoint Online content webpart
    var serviceURL = "https://xxxxxxxxx.azurewebsites.net/api/Function1";

    $.ajax({
        url: serviceURL,
        type: "POST",
        xhrFields: {
            withCredentials: true
        },
        crossDomain: true,
        success: function (data) {
            alert("Success: " + data);
        },
        error: function (ex) {
            alert("Failure getting user token");
        }
    });

When I change the POST to GET everything works fine....When I disabled
App Service Authentication everything is working...But POST whit enable
App Service Authentication with AAD is not working.

How to change my JS code that POST will work please.

Thank you

PS: This is only simple example I will send the real data in JSON format and so on.... So I need that the POST will work without disabling App Service Authentication

@soninaren
Copy link
Member

Can you share the contents of the function.json file?

@ColbyTresness ColbyTresness added this to the Active Questions milestone Mar 13, 2019
@ColbyTresness
Copy link

@mhoeger

@mhoeger
Copy link

mhoeger commented Mar 13, 2019

Answered in the related msdn post:

The 403 that you are seeing should resolve once you have CORS configured. You will have to add the origin domain to the CORS entries in your Function App. (Ex: http://www.example.com, but your domain)

Per this comment:

If your app requires credentials such as cookies or authentication tokens to be sent, the browser may require the ACCESS-CONTROL-ALLOW-CREDENTIALS header on the response. To enable this in App Service, set properties.cors.supportCredentials to true in your CORS config. This cannot be enabled when allowedOrigins includes '*'.

@mhoeger mhoeger closed this as completed Mar 13, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

4 participants