Access-Control-Allow-Origin error CORS

Hi, I call the userinfo API from an Ionic 4 app and I received this message:

Access to XMLHttpRequest at ‘https://dev-…okta.com/userinfo’ from origin ‘http://localhost:8100’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

In the developer console I have already enabled Trusted Origins for http://localhost:8100

How can I solve this problem?

Thanks a lot

Hello,

A couple of potential issues,
In the Admin console, did you set up this URL for both Redirect and CORS, not just redirect?
I don’t know if the URL you typed is a typo but there is no endpoint /userinfo directly off of the domain.
See here.
Will either be,

  • ${baseUrl}/oauth2/v1/userinfo
  • ${baseUrl}/oauth2/${Authorization_Server_ID}/v1/userinfo
1 Like

Hello, thanks for your reply. I have modified the endpoint as you suggested.

As a first step I call the endpoint
https://dev-…okta.com/oauth2/default/.well-known/openid-configuration

Next I call the authorisation_endpoint
https://dev-…okta.com/oauth2/default/v1/authorize
with the data

  • response_type (code id_token token)
  • client_id
  • redirect_uri
  • state
  • scope
  • code_challenge
  • code_challenge_method
  • nonce

which returns the access_token

Next I call the userinfo_endpoint passing the access_token in the header of the call as the authorisation bearer

However, the service always returns a 401 error. Why?

Thank you very much

Sorry, looks like I provided the incorrect link prior, should be,

For userinfo, is the URL you are using https://dev-…okta.com/oauth2/default/v1/userinfo ?

Yes, I also tried using https://dev-…okta.com/oauth2/v1/userinfo but it always returns error 401.

You might want to check the issuer (“iss”) value in your access token. That will determine what the url for the /userinfo endpoint will be.

For example, if your issuer is https://dev-123.okta.com/oauth2/default then you would just append /v1/userinfo to it to get https://dev-123.okta.com/oauth2/default/v1/userinfo.

1 Like
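
The issuer check suggested in the reply above, as an added example (not code from this thread or from Okta): it decodes the access token's payload, reads `iss`, and compares the userinfo URL the app is calling with the one the issuer implies. The function names, the sample token and the mapping of a bare org issuer to `/oauth2/v1/userinfo` are assumptions, the last one based on the two URL forms listed earlier in the thread.

```javascript
// Added example: diagnostic only. The payload is decoded WITHOUT verifying
// the signature, so never use this result for an authorization decision.
function decodeJwtPayload(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error('not a JWT (expected 3 segments)');
  // base64url -> base64, then restore the padding that JWTs strip
  let b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  b64 += '='.repeat((4 - (b64.length % 4)) % 4);
  const bytes = Uint8Array.from(atob(b64), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder().decode(bytes));
}

// Assumption: issuers whose path starts with /oauth2/ are custom authorization
// servers (append /v1/userinfo); a bare org issuer uses /oauth2/v1/userinfo.
function userinfoUrlFor(issuer) {
  const iss = issuer.replace(/\/+$/, '');
  return new URL(iss).pathname.startsWith('/oauth2/')
    ? `${iss}/v1/userinfo`
    : `${iss}/oauth2/v1/userinfo`;
}

// Compare the URL the app is calling with the one the token's issuer implies.
function checkUserinfoUrl(accessToken, calledUrl) {
  const { iss } = decodeJwtPayload(accessToken);
  if (typeof iss !== 'string') throw new Error('token has no "iss" claim');
  const expected = userinfoUrlFor(iss);
  return { iss, expected, matches: calledUrl.replace(/\/+$/, '') === expected };
}

// Constructed sample token (placeholder signature) so the demo runs offline.
function makeSampleToken(iss) {
  const enc = (obj) => btoa(JSON.stringify(obj))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'RS256' })}.${enc({ iss, sub: 'user@example.com' })}.sig`;
}

const token = makeSampleToken('https://dev-123.okta.com/oauth2/default');
// Token from the "default" server sent to the org-level endpoint: mismatch.
console.log(checkUserinfoUrl(token, 'https://dev-123.okta.com/oauth2/v1/userinfo'));
// Same token sent to the endpoint derived from its issuer: match.
console.log(checkUserinfoUrl(token, 'https://dev-123.okta.com/oauth2/default/v1/userinfo'));
```

A mismatch means the token is being presented to an authorization server other than the one that issued it.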

Thank you very much, I solved the problem.
