CORS Error with OIDC Application

Hi,

I have configured an OIDC application for my customer.

The application is working as expected by itself.

However, When I try to access the application from OKTA I get the error:

Access to XMLHttpRequest at ‘https://myorg.okta.com/oauth2/v1/authorize?response_type=code&scope=openid+profile+email+offline_access&client_id=odsdnfw1n3Kgfgf44x6&state=0&redirect_uri=https://myapp_test.mydomain.com:443/_codexch&nonce=7qSpYIUlgLVbZlvlvsmHFrg5gffdgKBIfd45Y_0WpM’ (redirected from ‘https://myapp_test.mydomain.com/ajax/query/list/status’) from origin ‘https://myapp_test.mydomain.com’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

I have enabled the https://myapp_test.mydomain.com/ on the OKTA API Trusted Origins but still get the error.

Any Idea ?

Thanks!

from the documentation Note: When making requests to the /authorize endpoint, the browser (user agent) should be redirected to the endpoint. You can't use AJAX with this endpoint.

https://developer.okta.com/docs/reference/api/oidc/#authorize

1 Like