To use a token based authentication (Implicit Flow) third party API providers usually require you to whiteliste a fully qualified HTTPS domain.

For a project created with vue-cli hosting a HTTPS server is quite easy:

sudo vue-cli-service serve --host --port 443 --https

But if your development environment does not support HTTPS or changing the host, you can use Caddy to forward the HTTPS traffic. An example with the domain

  1. Download caddy from github or with homebrew brew install caddy
  2. Redirect domain to local: echo "" | sudo tee -a /etc/hosts > /dev/null
  3. Start reverse proxy: caddy -host -port 443 "proxy / localhost:8080" "tls self_signed"
  4. Visit and accept the self signed cert. (make sure it is httpS)

Terminal output

Caddy will generate you a temporary self-signed certificate, but you can generate your own, for more check out the Caddy documentation

Disabling Chrome Security checks to bypass HSTS

You can type thisisunsafe anywhere on the Google Chrome warning page and it will load it without warning.

Or start with --ignore-certificate-errors, on macOS it would be: /Applications/Google\\ Chrome --ignore-certificate-errors &> /dev/null &

If you just want to allow local SSL certificates try out this Chrome option: chrome://flags/#allow-insecure-localhost.

more on stackoverflow


Before I found Caddy, I used my own solution GLoSS to start up a HTTPS reverse proxy with certificates.