No 'Access-Control-Allow-Origin'

Have you added your application’s domain as a Trusted Origin for CORS requests in Okta?