CORS problem with Angular and Spring

srinikasarla · February 12, 2021, 4:04am

Okta, Spring Boot and Angular
Want to maintain okta authentication in spring boot and want to call API from angular. I have tried couple of options and none of them worked. Authentication flow is working fine when accessed API directly but not from angular. Domain added to trusted origins and enabled CORS as well.

How to solve this CORS error?

Access to XMLHttpRequest at 'https://dev-13097919.okta.com/oauth2/default/v1/authorize?response_type=code&client_id=0oa5oXXXXXX7i5d6&scope=profile%20email%20openid&state=GCENVmdPeFtQuZOU-P5bZgOWbAA7lPivKwlfVqo4cLc%3D&redirect_uri=http://localhost:8069/cab/authorization-code/callback&nonce=jGzEkEw8ErN5B_Re9kdpD-mAHgYLXn0zeYTe42X4hyU' (redirected from 'http://localhost:8069/cab/api/hello-world') from origin 'http://localhost:8069' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Network calls

Console errors

mraible · February 12, 2021, 4:41am

Just to confirm, is http://localhost:8069 in your trusted origins? The error message indicates it is not.

srinikasarla · February 12, 2021, 3:02pm

Yes, http://localhost:8069 is my trusted origin and added below code to allow cors
registry.addMapping("/**") .allowedOrigins("*") .allowedHeaders("*") .allowedMethods("*")

andrea · February 12, 2021, 8:34pm

You cannot make an AJAX request to the authorize endpoint, you MUST redirect to this endpoint instead, as noted in our documentation

srinikasarla · February 12, 2021, 8:41pm

Thank you, do you have any blog or example for this scenario with jwt and custom authentication manager/provider?

mraible · March 9, 2021, 5:29pm

What do you mean by “custom authentication manager/provider?” Are you trying to use a custom authorization server? Or are you trying to do something else?