CORS not working for Access Token Expired error

Hi,

I have a CORS-enabled proxy and it works fine for all the scenarios, including the negative scenarios. However, if the token is expired and Apigee throws a token expired error, it doesn't work. I get an "isTrusted": true error on the portal. Can someone help? I should get the proper error for the token expired error as well.

1 ACCEPTED SOLUTION

@Shivakumar Sudi

It appears you do not have the CORS headers included for error scenarios. Can you post your trace and the error from the console on the browser?

When an API proxy encounters an error, regardless of how it occurs, it exits the normal flow pipeline, enters an error state, and returns an error message to the client app. Once the API proxy enters the error state, it cannot return processing back to the normal flow pipeline.

So if you defined the Assign Message policy to add the CORS headers in the Response flow, it will not get executed due to the token expired error. Try defining a default fault rule, with AlwaysEnforce set to true, with an Assign Message policy to include the CORS headers for all error scenarios:

<DefaultFaultRule name="fault-rule">
  <Step>
    <Name>Add-CORS-Headers</Name>
  </Step>
  <AlwaysEnforce>true</AlwaysEnforce>
</DefaultFaultRule>

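A sketch of how the pieces in the accepted solution fit together, as an added example that is not part of the original thread: the Assign Message policy behind the `Add-CORS-Headers` step, attached once to the response flow and once to the default fault rule. The origin `https://portal.example.com` and the allowed header and method lists are assumptions to replace with your own values.

```xml
<!-- File 1 (added example): policy referenced by the Add-CORS-Headers step. -->
<AssignMessage name="Add-CORS-Headers">
  <Set>
    <Headers>
      <!-- Assumed portal origin: name the exact origin instead of "*",
           since these responses are tied to an Authorization token. -->
      <Header name="Access-Control-Allow-Origin">https://portal.example.com</Header>
      <!-- Assumed lists: keep them as narrow as the API needs. -->
      <Header name="Access-Control-Allow-Headers">origin, content-type, accept, authorization</Header>
      <Header name="Access-Control-Allow-Methods">GET, POST, OPTIONS</Header>
    </Headers>
  </Set>
  <IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
</AssignMessage>

<!-- File 2 (added example): where the same policy is attached in the ProxyEndpoint. -->
<ProxyEndpoint name="default">
  <!-- Error path: a fault such as an expired token skips the Response flow,
       so the headers have to be added here as well. -->
  <DefaultFaultRule name="fault-rule">
    <Step>
      <Name>Add-CORS-Headers</Name>
    </Step>
    <AlwaysEnforce>true</AlwaysEnforce>
  </DefaultFaultRule>
  <PreFlow name="PreFlow">
    <Request/>
    <Response>
      <!-- Success path: runs only when no fault was raised. -->
      <Step>
        <Name>Add-CORS-Headers</Name>
      </Step>
    </Response>
  </PreFlow>
  <!-- Remaining flows, HTTPProxyConnection and RouteRule stay as they are. -->
</ProxyEndpoint>
```

Without the headers on the error response, the browser blocks the 401 from the calling script, which is why the portal shows a generic error object instead of the token expired message.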

4 REPLIES 4

Hi Shivakumar, can you update your question with the details of the CORS policy you have used and the screenshot of the F12 Developer Tools Console error when you are getting the "isTrusted": true error on the portal?

@Nagashree B thank you. Added the below step and it works fine now.

<DefaultFaultRule name="fault-rule">
<Step>
<Name>add-cors</Name>
</Step>
<AlwaysEnforce>false</AlwaysEnforce>
</DefaultFaultRule>

@Shivakumar Sudi

Glad it worked, you can accept the answer if it helped you.