Skip to main content

Troubleshooting

This document is a guide for resolving IAM-related issues.


CORS error when requesting API authentication token

When a client application requests an API authentication token, the following error may occur:

CORS Error Message
Access to XMLHttpRequest at 'https://iam.kakaocloud.com/identity/v3/auth/tokens' from origin 'http://61.109.239.46' has been blocked by CORS policy: 
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

This CORS error occurs because the KakaoCloud IAM API, for security reasons, does not allow requests from external origins.
When the client application requests an API authentication token, it communicates with the API endpoint of KakaoCloud IAM. Since the request originates from a different origin than the IAM server, a CORS error is triggered.

▶️ Solution: To prevent this error, you can set up a proxy server to receive the client request, forward it to the IAM server, and return the response (token issuance) as a workaround.

API authentication token shows 3-hour validity

The API authentication token displaying a validity period of 3 hours is due to the issued_at and expired_at times being in UTC.

▶️ To verify the issued_at and expired_at times in KST, add +9 hours.

  • If the token expiry is displayed as 3 hours, the actual token validity period in KST is 12 hours when adding +9 hours.

Timeout error when obtaining API authentication token

Timeout may occur during API authentication token issuance on the client side when obtaining the API authentication token. This is due to the loop code for API authentication token issuance, which results in blocking API authentication token issuance for the client's IP.

▶️ To resolve the issue, follow these steps to check the blockage status for the client IP:

  1. Create an additional server using the same IP as the problematic client and verify if tokens are issued from both servers.

  2. If token issuance doesn't occur, consider the following solutions:

    • Operate the client with a new IP address.
    • Request unblocking of the client IP from the Helpdesk.

"Invalid Token" popup

The occurrence of the "Invalid Token" popup after logging in to the console is due to multiple logins across one or multiple browsers.

▶️ If multiple logins with the same account are present within one browser, keeping only one tab and logging in with one IAM credential will resolve the issue.

▶️ If multiple logins are across multiple browsers, closing all but one browser and logging in with one IAM credential will resolve the issue.