CORS blocked Access-Control-Allow-Origin

I am seeing problems with user sign-in. For my Origins, I have the following:

And for my General Settings on the App, I have:

Whenever I try to log in from localhost, I am getting the error:

As far as I can tell, I have my local dev, UAT, and PROD sites all listed in the origins correctly, and all three listed in settings correctly. I’m not sure why I am still receiving the CORS error…

Hey @chrisipeters! You found the other thread already, but for anyone landing on this page, we are tracking this bug here: https://github.com/okta/okta-signin-widget/issues/541

You’ve got everything set up on your side correctly. The bug is on our side - this endpoint is not returning the Vary header to let the browser know that the endpoint may respond to multiple origins. We’re planning to release a fix soon.

@nate.barbettini Hi Nate,
I have the same issue. Did you guys resolve this? Please let me know.

Hi @Amitabh

The issue has been resolved through a feature that adds Vary: Origin on the /keys endpoint.

Please send us an email to developers@okta.com to further review and have this feature enabled if the scenario applies or assist in troubleshooting if the issue is on a different endpoint.
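The failure discussed in the replies above (a CORS response served without `Vary: Origin`, fixed by adding `Vary: Origin` on `/keys`), modelled as an added example that is not part of the original posts or Okta's code. The origins, the host name, and the `serverResponse`, `HttpCache`, `corsAllows` and `simulate` names are constructed for illustration.

```javascript
// Constructed model: an HTTP cache that honours Vary, plus the browser's CORS origin check.
const ALLOWED = new Set(["http://localhost:3000", "https://uat.example.com"]); // constructed origins

// Hypothetical endpoint that echoes the caller's origin when it is on the allow list.
function serverResponse(origin, sendVary) {
  const headers = { "content-type": "application/json" };
  if (ALLOWED.has(origin)) headers["access-control-allow-origin"] = origin;
  if (sendVary) headers["vary"] = "Origin";
  return { headers, body: '{"keys":[]}' };
}

class HttpCache {
  constructor() { this.entries = new Map(); } // url -> stored variants
  // A stored response is reusable only if every request header named in its Vary matches.
  lookup(url, req) {
    const hit = (this.entries.get(url) || []).find(({ varyOn }) =>
      Object.entries(varyOn).every(([h, v]) => (req[h] ?? null) === v));
    return hit ? hit.res : undefined;
  }
  store(url, req, res) {
    const names = (res.headers["vary"] || "").split(",")
      .map(s => s.trim().toLowerCase()).filter(Boolean);
    const varyOn = Object.fromEntries(names.map(h => [h, req[h] ?? null]));
    const list = this.entries.get(url) || [];
    list.push({ varyOn, res });
    this.entries.set(url, list);
  }
}

// The browser exposes the response only if ACAO is "*" or equals the requesting origin.
function corsAllows(res, origin) {
  const acao = res.headers["access-control-allow-origin"];
  return acao === "*" || acao === origin;
}

// Request the same URL from each origin in turn through one cache.
function simulate(origins, sendVary) {
  const cache = new HttpCache();
  const url = "https://idp.example.com/keys"; // constructed host; /keys is the path named in the thread
  return origins.map(origin => {
    const req = { origin };
    let res = cache.lookup(url, req);
    if (!res) { res = serverResponse(origin, sendVary); cache.store(url, req, res); }
    return { origin, allowed: corsAllows(res, origin) };
  });
}
```

Without `Vary: Origin` the second origin is handed the first origin's cached `Access-Control-Allow-Origin` value and fails the check even though both origins are on the allow list; with the header, each origin gets its own cache entry.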

Hi Dragos,
I found something strange related to this issue. Our application redirect is working fine when we specify an IP address, for example:
https://10.53.23.67/logout&state=https://10.53.23.67
As soon as we specify a domain name, for example:
https://abc.server.com/logout&state=https://abc.server.com
it goes into an infinite loop of redirection.
At first we thought it was due to TLS (https), but today we figured out that it is just an issue with redirection having a domain name.
Have you seen this behaviour?

Hi @Amitabh

From what I’ve seen previously, the infinite loop can be triggered if a configuration is set incorrectly. The best solution to troubleshoot this issue would be to capture the sequence of HTTP requests and responses when you access the domain name using a tool like Fiddler, and to open a support ticket with us at developers@okta.com to further check with one of our Developer Support Engineers.

You can find here a small guide on how to use Fiddler and capture the entries.
