Hii All, I am testing PGP SSO. I am successfully able to hit the login API from Postman at "/gdc/account/customerlogin" and I am receiving a html response, but I am not able to render the response in an iframe in a React component because the html response contains script tags that are causing syntax errors. Can anyone guide me on how to resolve this issue? We are currently unable to use the GoodData SDK because our app's typescript and node versions are incompatible with the SDK.

@Tomas Gabik are you able to help us here please?

Hi @Shoumik, thanks for reaching out, I am adding my colleagues from the support team to the scope @Jan Rehanek and @Boris

302 is success (browser treats it as redirect which si expected)

Hi @Boris Can you please tell me how I am supposed to get the response from "/gdc/account/customerlogin" and how I can render the response? And there are some CORS errors that are occurring after I hit the above API.

Hi @Shubham Jain, yes, the requests can be blocked by CORS, that is also expected. You will need to add your app to the CORS allowed origins list (but it will need to be deployed with a hostname containing at least 2 levels of domain and ideally running on https - i.e. https://local.host:4200/. More info here https://sdk.gooddata.com/gooddata-ui/docs/platform_cors.html

@Boris i have added my app to CORS list but still i am receiving the CORS error. Also on my local (serving on http://localhost:4200/) i have added a proxy as mentioned in the above article and it is also not working.

The configuration looks correct, but it would be useful to see what the actual cors error says. I believe you need to use

/gdc/account/token

as targetUrl in the pgp login api, and then render the dashboard separately.

I have replaced the targetUrl, and now api is failing with status code 401. The api gets hit successfully from the postman though.

Hi @Shubham Jain , 401 in this case means that the cookies you recevie from the successful /customerlogin API are not saved in your browser for some reason (or saved properly). Could you PM me a har file of the calls on the first screenshot?

@Boris did you find anything in the har file ??

Hi Shubham, haven't had a chance to review yet, I'll get to it once I have a chance

hi @Boris did you get a chance to look into this please?

Hi @Shoumik, yes I did... I confirm that the SSO is working correctly and returns the authentication cookies, but they are not saved to the browser and used in the subsequent API calls. Not sure why's that, if it relates to code or browser configuration (I'd definitely try it in other browsers / incognito mode first).

Hi @Boris Have you been able to review what exactly is causing this issue and how we can resolve it?

Hi @Shubham Jain, as mentioned above - the cause is that the cookies received by the SSO login are not saved in the browser. This wouldn't be something GoodData specific, but rather a general, app development issue.