Hi,
I want to use openid connect to authenticate a single page application to a rest api. I want to use azure active directory as an identity provider. To discover the configuration I do a http get to https://login.windows.net/{guid}/.well-known/openid-configuration. This works fine using any client other than a browser, because there are not cors acces control allow origin headers set on the response. This makes the solution unusable from a browser. Have I not configured the directory correctly or is it simply not supported?
Kind regards,
Remko