Been blocked by CORS policy Angular

Access to XMLHttpRequest at ‘’ from origin ‘http://localhost:4200’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

I have Follow the same steps as mention which has been mention

See screen shot


A CORS error can occur if the endpoint returns a 40* error (eg. if you are not logged in). Can you please check if you have an active session in Okta and are sending the withCredentials=true attribute in the CORS request?

I am logged into Okta and after that page is back to angular project i request to getuser data to show the name

here is code

const user = await this.oktaAuth.getUser();

   // debugger;
  let userData = this.oktaAuth.getUser().then((user) => {
   this.oktaAuth.getAccessToken().then((token) => {
    // // Got access token
    let httpHeaders: HttpHeaders = new HttpHeaders({ 'Authorization': 'SSWS ' + token })
       .append('Accept', 'application/json').append('Content-Type', 'application/json');

     this.http.get('', { headers:  httpHeaders }).subscribe((res) => {
       this.user = res[0].profile.firstName + ' ' + res[0].profile.lastName;

And it give below error

Hello ,

Waiting for the update ?

You don’t need to make a request to the /me endpoint yourself. You can use the Angular SDK for that. this.oktaAuth.getUser() should return all the same information.

To fix the CORS issues, make sure you have http://localhost:4200 listed in API > Trusted Origins.

it only return the ‘Sub’

Try setting your scopes is set to openid profile and see if that helps. From the docs:

  • scopes (optional) : Reserved for custom claims to be returned in the tokens. Defaults to ['openid'] , which will only return the sub claim. To obtain more information about the user, use openid profile . For a list of scopes and claims, please see Scope-dependent claims for more information.