Update: Microsoft will be moving away from UserVoice sites on a product-by-product basis throughout the 2021 calendar year. We will leverage 1st party solutions for customer feedback. Learn more here.


My feedback

  1. 194 votes

    We're glad you're here

    Please sign in to leave feedback

    Signed in as (Sign out)

    We’ll send you updates on this idea

    22 comments  ·  Azure Active Directory » Application Proxy  ·  Flag idea as inappropriate…  ·  Admin →

    We are looking at enabling a feature that focuses on supporting CORS preflight requests between two applications. This works by allowing you to configure the response and have App Proxy handle it on behalf of the app.

    A pre-requisite for this feature to work is that the user must be able to authenticate into the second application in order to avoid a CORS issue from the login flow into the second app.
    To avoid this the user will have to make sure they have already accessed the 2nd application before the CORS request, and has valid credentials. This should work for wildcard apps and can also be achieved by adding a fake link / image to the 2nd application in the first application.

    We would love to get your feedback on this requirement and if this is something that will fit your use case.

    An error occurred while saving the comment
    John commented  · 

    We want to expose multiple RESTful APIs currently on-prem through Azure AD App Proxy to be consumed by various SPA's. On-prem works great, and the Azure AD App Proxy works to expose the SPA, but gives a 403 error when the CORS Pre-flight request fires. This prevents the SPA from gaining access to the APIs. Since the APIs in question already use Azure AD for authentication and authorization, I wonder what the risk in allowing passthrough for the Azure AD App Proxy Pre-Authentication to fix this issue?

    John supported this idea  · 

Feedback and Knowledge Base