Hi, all. I’m new to Okta and need some guidance. I’ve created a Blazor WASM app (NET6) that has no server backend. I enabled CORS on the application at the Okta dashboard and added each of the URL’s into the CORS section(localhost:5001,localhost:4280; and prod from Azurewebsites, yet my app still cannot fetch the results. The call to Okta is made fine (per the logs), but the page cannot fetch the results. It happens the same way in dev, stage and prod. This is the error.
Are you using an Okta SDK (or more specifically, Okta’s Blazor sample app) with an Auth0 org (judging by the URL in your example)? If so, I’m not positive how well that combination has been tested, but the correct discovery endpoint for Auth0 should just be https://{yourDomain}/.well-known/openid-configuration. That you are seeing a /default stuck into the middle of that URL makes me assume you use one of Okta’s SDKs that are designed to work with Okta’s Authorization Servers, as Okta has a default server available for all Developer orgs upon their creation.
If you want to try to get this working anyway, you can look to set the AuthorizationServerId to string.Empty (see docs) so that, in theory, the correct well-known doc is returned (since the SDK is manually forming the URL based on the OktaDomain and the AuthorizationServerId values), but I don’t know if you will run into other issues down the line if you use an Okta-specific SDK with an Auth0 instance.
Hi and thanks for responding. It turns out Okta doesn’t have an OOB solution for that (pretty common) use case. They told me that on The Twitter. I’ve now switched over to Azure AADB2C authentication and all is well.