3

Signing in users with external identities from Safari and Brave is not working. The workaround for Safari is to disable Prevent cross-site tracking in the setting menu. There is another option using gcloud iap settings set as explained in https://cloud.google.com/sdk/gcloud/reference/iap/settings/set, I tried it but I am getting this error: FAILED_PRECONDITION: Precondition check failed.

I also tried to follow the steps in https://quabr.com/59905271/how-do-you-enable-cors-requests-to-a-google-compute-engine-iap-enabled-load-bala and I get a similar error.

Shi nik
  • 31
  • 1

2 Answers2

1

Same problem here.

I used this command a lot of times with suscess, until the last week, but dont work anymore.

cat > settings <<EOF
accessSettings:
  corsSettings:
    allowHttpOptions: true
EOF

gcloud iap settings set settings --project=PROJECT-ID
Fabio de Lima
  • 11
  • 1
1

Customizing IAP settings is now available only as part of a paid enterprise security subscription (BeyondCorp Enterprise). You can see the information from this article.

That article describes how to customize Identity-Aware Proxy (IAP) settings. With these settings, you can control behaviors including:

  • Compatibility with Anthos and Istio on Google Kubernetes Engine.
  • The handling of CORS preflight requests.
  • How users are authenticated.
  • The error page shown to users when access is denied.

An alternative is that you can support CORS requests on your App Engine by adding HTTP header to your app.yaml, for example:

handlers:
- url: /
  ...
  http_headers:
    Access-Control-Allow-Origin: https://URL
  # ...

Note: if you wanted to allow everyone to access your assets, you could use the wildcard '*', instead of your URL

Dondi
  • 2,288
  • 1
  • 8
  • 13