update documentation - Azure AD IdP

[nergalex]

Hello,

To support Azure AD as an IdP, it's necessary to set header Origin. If not, this issue here is encountered.
Error looks like: [error] 10#10: *1 js: OIDC error from IdP when sending authorization code: invalid_request, AADSTS9002327: Tokens issued for the 'Single-Page Application' client-type may only be redeemed via cross-origin requests.

Fix is to add proxy_set_header Origin $host; in locations /_token and /_refresh

Could you update the documentation?

Best Regards

[ojuschugh1]

Hi,
I am interested in this issue. Is this issue still open or closed?

Thanks and Regards

[ag-TJNII]

This proposed fix lead me down a bad path. I found the fix to be to unset any headers from the client. #88

[anderius]

This is still an issue, and is not specific to EntraID. It affects all IdPs.

I think @ag-TJNII has a good fix in #88, and hope that is merged soon.

[anderius]

Now that the PR is merged, is there a planned milestone? Too late for 4.0.0, maybe?