When building Azure AD web applications you have to ensure that they are in the same security zone as other Office 365 resources.
Recently I wrote about the issue with issuing multiple CORS requests using the ADAL JS library. It turns out that there is even more to it.
The ADAL JS Angular library offers great capabilities for building rich web applications unless you're trying to issue multiple CORS calls at the same time.
CORS simplifies building Office 365 SPAs. If you're however building multi-tenant applications on a stack without an SDK, there are a few things that you have to take care of.
Last April I had the honor of presenting three sessions at the SharePoint Evolution Conference 2015.