Keycloak Auth endpoint sends a 405 Method Not Allowed on Preflight Request #519
Description
Before reporting an issue
- I have read and understood the above terms for submitting issues, and I understand that my issue may be closed without action if I do not follow them.
Area
adapter/javascript
Describe the bug
Keycloak returns a 405 Method Not Allowed on an OPTION preflight request after an express server tries to forward an unauthenticated user from the browser to the keycloak login page.
Version
26.0.5
Regression
- The issue is a regression
Expected behavior
My React frontend sends a request to a secured endpoint in my express proxy. The proxy returns a 302 Found to the frontend. The frontend sends a preflight request that returns the Access-Control-Allow-Origin header and forwards my frontend to the login page.
Actual behavior
When the preflight request happens the request returns a 405 Method Not Allowed error and lables it as a CORS Missing Allow Origin, since the Access-Control-Allow-Origin header is not returned.
How to Reproduce?
Send a Get request from a react frontend to a keycloak-connect protected express endpoint.
Anything else?
No response