{"error":"unsupported_grant_type"} for angular call

Question

My api post call for retrieving a jwt token responds with 400 error. Here is my api angular call. I tried with URLSearchparams too.

authenticateUser(userid: string, password: string) {
        // var authorization_grant = "password";
        // let body = new URLSearchParams();
        // body.append('username', userid);
        // body.append('password', password);
        // body.append('grant_type', authorization_grant);
        let body = 'userName=' + userid+ '&password=' +password +'&grant_type=password';
        let headers = new Headers();
        headers.append('Content-Type', 'application/x-www-form-urlencoded');
        headers.append('Access-Control-Allow-Origin', '*');
        let options = new RequestOptions({ headers: headers });

        return this.http.post(this.config.apiBaseUrl + '/token', body, options).retry(3).map((res: Response) => {
            if (res.status == 200) {
                this.validatedUser = res.json();
                localStorage.setItem("access_token", this.validatedUser.access_token);
            }
            return this.validatedUser;
        })
    }

Answer 1

OK, after investigating the traffic in Fiddler tool, I compared the headers when called from postman vs angular.

On Client-Side: I removed line headers.append('Access-Control-Allow-Origin', '*'); from my code which resolved this issue.

On Server-Side Most importantly I moved app.UseCors(CorsOptions.AllowAll) line of code on top of app.UseOAuthAuthorizationServer where I generate token in my startup.cs.

Thanks @jps, @biswajit-rout and @Ruard Van Elburg for looking into it.