Apr 16 2018 06:35 AM
We had tested calling an AAD secured azure function from spfx webpart using “SharePoint Online authentication cookie” approach detailed in the official documentation here https://docs.microsoft.com/en-us/sharepoint/dev/spfx/web-parts/guidance/connect-to-api-secured-with-...
The steps described in the documentation are correctly followed and this method worked for us 3 weeks ago as the response received from AAD was with status 200 and the call was successful.
Since Friday however it seems that there has been a change on the authentication flow and now the azure function call receives a response code 302 , which is rejected by the browser as per the CORS specs. With following message
Failed to load <function URL>: Response for preflight is invalid (redirect).
Has anyone tried using this approach recently? any ideas how to solve it?