CORS error on AJAX call

@andrea @oktadev-blog
Hi , I have integrated Okta in my .net application.
I have few ajax calls to fill dropdowns.
After keeping page idle for some time (okta session is expired or refresh link needs to be sent) , if I click on dropdown (which gives ajax call to controller) , instead of going to controller control moves to okta platform (as obvious) , resulting in cors error.

Error
• Access to XMLHttpRequest at 'https://sso-xxxx.com/oauth2/xxxxxx/v1/authorize?xxx
(redirected from ‘https://xxx’) from origin ‘https://xxx’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Startup.cs
app.UseCors( Microsoft.Owin.Cors.CorsOptions.AllowAll);

Please help.

The /authorize endpoint doesn’t support CORS and you’ll need to instead trigger a redirect to this route instead.

If you try that instead, does it work?

3 Likes