I am developing a SPA application(using @vue/okta-vue) and using okta for authetication. It was working fine until today(2018/12/13).
Today I input my username and password on Okta login page and the login seemed to succeed. Then my redirect uri was invoked and I got the error below
Failed to load https://dev-998107.oktapreview.com/oauth2/default/v1/keys: Response to preflight request doesn’t pass access control check: The value of the ‘Access-Control-Allow-Origin’ header in the response must not be the wildcard ‘*’ when the request’s credentials mode is ‘include’. Origin ‘http://localhost:8080’ is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
Making request to url like “https://dev-998107.oktapreview.com/oauth2/default/v1/keys” would be handled by okta-vue and I don’t know what happened
ps: I cleared my browser cache today. I don’t know whether it matters or not. Maybe this issue would existed a few days ago and didn’t happen because of my previous cache.