CORS origin problem

We have a problem with the integration of Use PKCE (for public clients) on Single Page Application(React).

We did the steps described.
PKCE integration overview

After the redirection from OKTA sign-in page to our callback route(on REACT app).
We successfully get code and state from OKTA’s query params.
OKTA’s callback URL.

But when trying to exchange the code from the callback URL for tokens we get CORS ERROR.
> Exchange code for tokens.

We added our app URL (http://localhost:3000) to TRUSTED ORIGINS but still get the same problem.

1 Like

Are you exchanging your code for tokens manually, or using our React SDK? I published a video this morning that shows how to use our Okta CLI to create a React app that uses PKCE. The Okta CLI configures everything for you, including trusted origins. Maybe it’ll help?

We integrated OKTA react SDK in our existing(LIVE) application.
But for exchanging code for tokens we use a manual way
[Exchange the code for tokens]
(Exchange the code for tokens | Okta Developer).

1 Like