Gents,
So I have my Okta development account properly configured and things were looking great until I decided to test on an android device. I am working on a hybrid mobile app using ionic platform and wanted to achieve the following.
- A user opens the app and enters email and password in the login screen
- A call is made to okta using openid and Oauth2 javascript libraries (okta-auth-js and angular-oauth2-oidc)
- First I get a nonce then use the nonce to get authorization and ID token.
- Use authorization token to getUserInfo and then get more values from the ID token to populate user profile and settings.
- I plan to Use Okta Directory as my single source of truth, that is store user profiles on it. This is not a social app so I am not planning to use social login, at least not at the moment.
- Users can registered directly using their mobile device. When they register, a call is to Okta using a clientId to store profile info. After registration a user can login an access information from the resource server based on their role with their authorization token.
- I created an authorization server on Okta and use that for application specific authorization
All these work when I set the CORS to http://localhost:port
and test on my local machine using the browser but fails, see error below:
Failed to load https://dev-xxxxxx.oktapreview.com/api/v1/authn: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://192.168.1.69:8100' is therefore not allowed access.
login.ts:83 AuthApiError {name: "AuthApiError", message: undefined, errorSummary: undefined, errorCode: undefined, errorLink: undefined, …}errorCauses: undefinederrorCode: undefinederrorId: undefinederrorLink: undefinederrorSummary: undefinedmessage: undefinedname: "AuthApiError"xhr: XMLHttpRequest {__zone_symbol__xhrSync: false, __zone_symbol__xhrURL: "https://dev-751448.oktapreview.com/api/v1/authn", __zone_symbol__readystatechangefalse: Array(1), __zone_symbol__ON_PROPERTYreadystatechange: ƒ, __zone_symbol__xhrListener: ƒ, …}__proto__: Error
at Object.<anonymous> (http://192.168.1.69:8100/build/vendor.js:172690:26)
at __webpack_require__ (http://192.168.1.69:8100/build/vendor.js:55:30)
at Object.<anonymous> (http://192.168.1.69:8100/build/vendor.js:65506:20)
at __webpack_require__ (http://192.168.1.69:8100/build/vendor.js:55:30)
at Object.apply (http://192.168.1.69:8100/build/vendor.js:172112:25)
at __webpack_require__ (http://192.168.1.69:8100/build/vendor.js:55:30)
at Object.<anonymous> (http://192.168.1.69:8100/build/vendor.js:171765:25)
at __webpack_require__ (http://192.168.1.69:8100/build/vendor.js:55:30)
at Object.<anonymous> (http://192.168.1.69:8100/build/vendor.js:171067:18)
at __webpack_require__ (http://192.168.1.69:8100/build/vendor.js:55:30)
I have have added the http://192.168.1.69:8100
in my
but still no lock.
I am thinking I may have to implement a sever side app and use it as my authorization service that talks to Okta then use that URI on my Okta configuration. But that will be another service to manage which I would love to avoid. I know I am missing something and any help would be appreciated.