Conversation
There was a problem hiding this comment.
Pull request overview
Adds a developer guide describing how to locally test User Activity Service (UAS) endpoints in Simorgh, covering auth/session handling and CORS constraints commonly encountered in local environments.
Changes:
- Introduces new MDX documentation for local UAS endpoint testing
- Describes local-only workarounds for token refresh, cookie/token handling, and CORS
- Adds a troubleshooting section and resource links for further reading
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
elvinasv
left a comment
elvinasv
left a comment
There was a problem hiding this comment.
We could probably also mention that ckns_id is needed, otherwise we'll hide the UAS button (at least for now)
|
|
||
| 1. Install **ModHeader** extension for your browser: | ||
|
|
||
| 2. Configure ModHeader to set the `Access-Control-Allow-Origin` header: |
There was a problem hiding this comment.
What happens if we use an alias for localhost.bbc.com? Do we need to use ModHeader for this?
There was a problem hiding this comment.
I tried this method. The CORS error no longer occurred, but even when I passed a valid token, the UAS APIs kept returning a 401 Unauthorized error.
There was a problem hiding this comment.
I tried this again after removing the third-party cookie block removal, which was stopping the required tokens from being passed. It’s working now, so we don’t need the ModHeader extension after all.
Will update doc
Thank you @HarveyPeachey
Resolves JIRA:
Summary
A Guide that provides instructions for developers to test User Activity Service (UAS) endpoints locally
Testing UAS endpoints locally requires several setup steps to handle authentication, CORS issues, and session management.
This document outlines all necessary configurations.
Included some Troubleshooting steps as well