CORS Issue - open-id configuration

Hi Team,

I am getting the following error in console when trying to login in my application -
"Access to XMLHttpRequest at ‘https://<>’ from origin ‘<>’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource."

I have added application endpoint to the trusted origin and also checked the CORS and Redirect options.

Please help me out on this…

Background of the Issue -
The application works perfectly when configured okta application in my own developer account. But when i configure the application with my organisation Okta account it performs multi-factor authentication.
Firstly it shows cors issue with /authn endpoint while logging in login page but after configuration of application in trusted origin, app now proceed to google authenticator and after entering the code it gives the above cors issue reported.

Thanks in advance

Hi @ratul
Does this consistently occur for you or is it intermittent? If it occurs consistently could you open a support ticket with details on how to reproduce this, along with a network trace of an example failure?

Thanks for the reply dzeller.
It is consistent and is observed in different multi-factor authenticator(in my case google authenticator). I will be opening a support ticket for this.

Is there any place else where we need to configure the application endpoint in my org okta account.


Hello? This is still a major blocking issue. Okta simply does not work.

Any solutions?

Hey jhernandez,
try changing the issuer org.

  • remove default from the org or select some other authorization server