docs: added missing CORS headers for regular keycloak access via AJAX (…

…Joxit#304)
fuzmik · May 13, 2023 · bc80050 · bc80050
1 parent ba322e0
commit bc80050
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/examples/token-auth-keycloak/conf/proxy/nginx.conf b/examples/token-auth-keycloak/conf/proxy/nginx.conf
@@ -62,6 +62,11 @@ server {
         add_header WWW-Authenticate 'Basic realm="Keycloak login"' always;
         return 401;
       }
+
+      add_header Access-Control-Allow-Origin $http_origin always;
+      add_header Access-Control-Allow-Methods "OPTIONS, GET" always;
+      add_header Access-Control-Allow-Headers "Content-Type, Accept, Authorization" always;
+      add_header Access-Control-Allow-Credentials true always;
       proxy_pass $keycloak;
     }