CORS error during signout wiith Angular SPA

TomH · July 20, 2021, 3:42pm

I’m working on an Angular SPA and integrating the Okta widget. My app is running on localhost:4200.

The sign in works great, and I see the “okta-token-storage” entry.

To signout, I call the signOut method on the okta Service, and then I encounter a CORS error.

Access to fetch at 'http://dev-2329998.okta.com/oauth2/v1/revoke' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.

I checked the Security → API settings for this application and I have an entry for localhost:

Origin URL: http://localhost:4200
Type: CORS, Redirect

Thoughts?

Thanks,

okra-okta · July 20, 2021, 4:09pm

I believe this is the issue:

Access to fetch at ‘http://dev-2329998.okta.com/oauth2/v1/revoke’ from origin

The Okta url should be https instead of http.

TomH · July 20, 2021, 4:30pm

yes, that was the issue. Thank you!

system · July 21, 2021, 4:30pm

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.