Access to fetch at ‘https://dev-xxxxxx.okta.com/api/v1/sessions/me’ from origin ‘null’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.
I see the above error on trying to login . please assist
Did you censor the origin URL from your post, or is your application just not sending it? If there is an actual URL showing up as the origin in this error message (instead of null), you’ll need to add its domain to the Trusted Domains for CORS in Okta: Enable CORS | Okta Developer
If you’ve already done this and your origin is null, make sure its getting sent in your AJAX request to /sessions/me so that this validation passes.
1 Like