Call to AAD secured azure function not working from SPFX web part

%3CLINGO-SUB%20id%3D%22lingo-sub-183141%22%20slang%3D%22en-US%22%3ECall%20to%20AAD%20secured%20azure%20function%20not%20working%20from%20SPFX%20web%20part%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-183141%22%20slang%3D%22en-US%22%3E%3CP%3EWe%20had%20tested%20calling%20an%20AAD%20secured%20azure%20function%20from%20spfx%20webpart%20using%20%E2%80%9CSharePoint%20Online%20authentication%20cookie%E2%80%9D%20approach%20detailed%20in%20the%20official%20documentation%20here%20%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Fdev%2Fspfx%2Fweb-parts%2Fguidance%2Fconnect-to-api-secured-with-aad%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3Ehttps%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fsharepoint%2Fdev%2Fspfx%2Fweb-parts%2Fguidance%2Fconnect-to-api-secured-with-aad%3C%2FA%3E%3C%2FP%3E%3CP%3EThe%20steps%20described%20in%20the%20documentation%20are%20correctly%20followed%20and%20this%20method%20worked%20for%20us%203%20weeks%20ago%20as%20the%20response%20received%20from%20AAD%20was%20with%20status%20200%20and%20the%20call%20was%20successful.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESince%20Friday%20however%20it%20seems%20that%20there%20has%20been%20a%20change%20on%20the%20authentication%20flow%20and%20now%20the%20azure%20function%20call%20receives%20a%20response%20code%20302%20%2C%20which%20is%20rejected%20by%20the%20browser%20as%20per%20the%20CORS%20specs.%20With%20following%20message%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EFailed%20to%20load%20%3CFUNCTION%20url%3D%22%22%3E%3A%20Response%20for%20preflight%20is%20invalid%20(redirect)%3C%2FFUNCTION%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EHas%20anyone%20faced%20this%2Cany%20ideas%20to%20solve%3F%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-183141%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EAPI%20Management%3C%2FLINGO-LABEL%3E%3CLINGO-LABEL%3EAzure%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E
New Contributor

We had tested calling an AAD secured azure function from spfx webpart using “SharePoint Online authentication cookie” approach detailed in the official documentation here https://docs.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/guidance/connect-to-api-secured-with-...

The steps described in the documentation are correctly followed and this method worked for us 3 weeks ago as the response received from AAD was with status 200 and the call was successful.

 

Since Friday however it seems that there has been a change on the authentication flow and now the azure function call receives a response code 302 , which is rejected by the browser as per the CORS specs. With following message

 

Failed to load <function URL>: Response for preflight is invalid (redirect)

 

Has anyone faced this,any ideas to solve?

0 Replies