Skip to main content

I’m currently integrating Box authentication into my Angular application. Here’s an overview of the process:





  1. I open a new window for Box authentication using the following code




const authorizationUrl = ‘Box - Free Online File Storage, Internet File Sharing, Access Documents & Files Anywhere, Backup Data, Share Files’;


const openedWindow = window.open(authorizationUrl, “s”, “width=640,height=480,left=300,top=100,resizable=yes,toolbar=no,location=no,directories=no,status=no,menubar=no,scrollbars=yes,resizable=no,copyhistory=no”);





  1. Once the user completes the authentication process in the opened window, Box provides an access token via a callback to my Angular application.


  2. I want to retrieve the access code from the authenticated Box window and use it in my Angular application for subsequent API requests.




However, I’m encountering a “DOMException: Blocked a frame with origin” error when trying to access the cross-origin frame from https://account.box.com. I have already added https://localhost:4200 as an allowed redirect URI in my Box application’s configuration.



I suspect that this error is related to cross-origin security restrictions. How can I resolve this issue and successfully retrieve the Box access code from the authenticated window and use it in my Angular application?



Any guidance or suggestions would be greatly appreciated. Thank you for your assistance!

Welcome to the Forum, @user191 😃



Setting up the redirect URI is a good decision, indeed.


Beside this, you’ll also need to configure the CORS domains section of your app too (it’s located on the same page: scroll down to “CORS domains” section to allow the URLs you need).



You should take a look at this page : https://developer.box.com/guides/security/cors/


Scroll down to the last section of the page to see an example. If you need to enter many URL, then you have to separate them with a coma.



Then, once it’s done, be sure to reauthorize your app in the Admin console to take into account the changes.


Thanks for your response @CodeBoxSeb ,



I had configured the CORS domain. However, I cannot find the option to reauthorize the application. This option is available for Server Authentication Apps but not for User Authentication Apps.


Hello team,


Anyone can help me with this? I am still getting DOMException: Blocked a frame with origin error.


Reply