Skip to main content

Issue on connection using web-app-skeleton with



  • Official comment

    Hello Cyril, 

    We just updated app-web-skeleton with new code that was pending a validation review. 

    If you update your app with the current "master" of the git repository your code will probably work.

    - Maybe your app-id must start by the "pryv-" string and not "m-pryv-" 

    The issue you were facing is that "" (pryv lab) does allow you IP address to perform login and try to  change your "referer" or "origin" will not be allowed by your browser.

    The new code will expose the App on "" web server that is allowed by 


    But, .. :) 

    The app-web-skeleton is not the right place to start to develop applications. 

    This skeleton app is there to be a starting point when developing "authentication" and "consent management" phase and definitely not a good start for developers. We are sorry for this we are very probably going to put this repository "private" as it does not bring much to the community and can lead to mistakes. 

    You will find way better "starting point" on 

    • The example repository:

    • Or simply starting from the lib-js

    Best regards, 


  • Cyril TARGAT

    Thanks for your feedback.

    I will take a look at the web examples applications !


  • Cyril TARGAT



    I'm coming back again about authentication topic (more especially login).

    I take a tour on the recommended sample, that I succeed to play.

    So I try to reproduce a personnal authentication, based on angular.

    But I'm stucked at the login phase: here's the trace


    I'm using angular-cli (version 8), where I put in place a secure http server ( host)

    As far as i undestound, I think I've followed the essentials steps for the auth/login operation:

    - Origin is : https//, which should be ok for instance

    - the 3 body parameters (username, password, appId) should be ok (verified with postman)


    The only doubt is :

    - validity of my local ssl certificate (chrome consider it as unsafe)

    - the type of access for the appId (for the appId used, it's a personal access:

    - In my angular application, I just try to call the auth/login API (the appId has been trusted manually, with ).

    Any clue about this ?






  • Cyril TARGAT

    I forget to join the response body of the failed login:

    {"error":{"message":"Missing parameters: username, password and appId are required."}}


    And there was  warning message from chrome:


  • Pierre-Mikael

    Hello Cyril, 

    From the screen shot we can see that you're sending the header "Content-type" "application/x-www-form..."

    This should be 'application/json'

    I hope this help,

    Best regards, 


  • Cyril TARGAT

    Great ...that was the point !

    Sorry for my mistake ...

    Thanks  a lot !


Please sign in to leave a comment.