I am developing a SPA (Single Page Application). I am trying to make some Axios calls for acquiring some properties(such as “lastLogin”, “FirstName”, “LastName”, etc) of the user that has logged in into my app. I did the following steps:
- I Added an application with:
- I already added an origin with the domain “http://localhost:3000/” in the API > Trusted Origins and enabled CORS and Redirect.
- Whenever I make a call to the OKTA through my app it gives me these errors :
- GET https://dev-480978.okta.com/api/v1/users/00un69sxdXUjJs2df356 403 (Forbidden)
- Access to XMLHttpRequest at ‘https://dev-480978.okta.com/api/v1/users/00un69sxdXUjJs2df356’ from origin ‘http://localhost:3000’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
Although, if I make the call through my Browser or Postman works fine. It returns a JSON object. But not within my apply. According to the Okta’s documentation it is CORS enabled.
Hopefully you can help me with that.
I’d really appreciate your help,