Cors Issue while running locally

[GusAV]

Hi, I'm trying to test the authentication locally but I'm getting CORS issue while using an Asp.Net with Angular Hybrid, with error:

"Access to fetch at 'https://ca.account.sony.com/api/authz/v3/oauth/authorize?access_type=offline&client_id=ac8d161a-d966-4728-b0ea-ffec22f69edc&redirect_uri=com.playstation.PlayStationApp%3A%2F%2Fredirect&response_type=code&scope=psn%3Amobile.v1+psn%3Aclientapp' from origin 'https://localhost:44401' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled."

Is there a way to run this code locally, what am I'm missing?

[wescopeland]

Hi @GusAV,

Authenticating in the browser poses a security risk if your app is public-facing. Sony has also disabled CORS on these network calls. You will either need to:

(a) disable CORS in your browser process, or
(b) set up a small Node.js server that makes the call instead, and your Angular app then calls your Node.js server. Your Node.js server is a man-in-the-middle and not prone to CORS issues because it's a server you control.