Swagger authentication is not working if the OC services are hosted on the Azure web.
Error Description: Swagger authentication is not working if the OC services are hosted on the Azure web
Error code on low-level identity logs
2023-05-15 15:28:47.3598 - WARN - IdentityServer4.Hosting.CorsPolicyProvider CorsPolicyService did not allow origin: https://orchdhan2022.azurewebsites.net
Environment details
OC Version details 22.10.2 & 22.10.3
Root Cause: OC and identity URL are different, and it is not able to Generate a token.
Resolution:
Edit the web.config of the Orchestrator appservice and inside the Rewrite under outbound rules, add a new rule and replace the IDENTITYURL with the root of the identityservice url .
Example
<rewrite>
<outboundRules>
<rule name="CSP">
<match serverVariable="RESPONSE_Content-Security-Policy" pattern=".*" />
<action type="Rewrite" value="default-src 'self' [https://orchdhanidentity2022.azurewebsites.net;connect-src]https://orchdhanidentity2022.azurewebsites.net;connect-src 'self' [https://orchdhanidentity2022.azurewebsites.net;script-src]https://orchdhanidentity2022.azurewebsites.net;script-src 'self' 'unsafe-inline' [https://orchdhanidentity2022.azurewebsites.net;style-src]https://orchdhanidentity2022.azurewebsites.net;style-src 'self' 'unsafe-inline';img-src 'self' data:;font-src 'self'" />
</rule>
</outboundRules>
</rewrite>