'Request header field sentry-trace is not allowed by Access-Control-Allow-Headers in preflight response
I'm developing a Frontend using NextJS and Keycloak for auth-purpose. After adding Sentry, I'm facing this issue here, where the token endpoint of Keycloak is returning an error; So I can log in.
I've tried many things:
- Change the web-origin config of Keycloak, which (obviously) doesn't change or solves the problem
- Play with the Sentry client config, without success, because the
denyUrlsproperty still make the Sentry SDK send thesentry-traceinto the request.
Now I don't have any more Idea, so I coming here for more help.
Solution 1:[1]
Unfortunately, Keycloak has hardcoded list of allowed headers, so you can't configure Keycloak for sentry-trace header.
You can have some non ideal work arounds:
- don't use sentry
- compile own hacked Keycloak version, where you allow that header
- add reverse proxy in front of Keycloak, which will add
sentry-traceheader to allowed headers - ...
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | Jan Garaj |