CORS error on redirecting to Okta

hazel · June 15, 2023, 2:59pm

I have a SAML token in cookie. When I send a request with this cookie, it always giving a CORS error.

Access to XMLHttpRequest at ‘https://dev-7188461.okta.com/app/dev-7...&RelayState=ReturnUrl%3D%252Fauth%252Fwhoami’ (redirected from ‘https://localhost:44379/auth/whoami’) from origin ‘http://localhost:3000’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

The thing that I don’t understand is why when I send the same request with a cookie added in Postman, I get a response, but it doesn’t work in the React project.

And I do not understand why is it redirecting to okta page. I am new in this, does anyone have any idea?

erik · June 17, 2023, 7:11am

Hello,

Okta does not set CORS headers for the SAML embedded application links and requires a browser user-agent redirect.

Browsers block calls if the pre-flight fails, Postman does not have this restriction

Post		Replies	Views
Missing CORS response header for SAML integration SAML	6	7964	May 11, 2020
SAML redirect Getting CORS error SAML	10	12997	November 7, 2020
CORS Error with Okta React Sample – What Am I Missing? OAuth/OIDC reactjs	5	59	September 22, 2024
CORS error when connecting Springboot app from React SAML	2	4090	February 13, 2024
React: CORS error when invoking auth.logout Questions	6	14823	August 30, 2018

CORS error on redirecting to Okta

Related Topics