Hello,
I am using a javascript widget to connect to the OKTA provider. The Okta team of my company provided me the xml file where I got the Issuer, ClientId, and BaseUrl values.
I tried this widget with a Single-Page Application which I configured in this Okta Developer Portal and it worked successfully.
const oktaSignIn = new OktaSignIn({
logo: ‘/images/LogoForSPA.png’,
baseUrl: “https://xxxxxxx.okta.com”,
redirectUri: “http://xxx-xxxxxxx:6500”,
clientId: “xxxxxxxxxxxxxx”,
authParams: {
issuer: “https://xxxxxxx.okta.com”
}
});
BUT when I replaced the configuration values using our company’s provider xml information (I am talking about a legacy application I need to integrate with Okta login), I am getting the CORS error below:
Access to fetch at ‘https://xxxxx.okta.com/api/v1/authn’ from origin ‘http://xxx-xxxxxxx:6500’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.
Does somebody experience this issue before? Any hint or clue about what should I take care? Causes?
Thanks you in advance.