Okta sign on widget

Hello all,

Has anyone used the Okta sign-in widget (Okta hosted) in a web application that is mainly JavaScript based? I am facing an issue where the login box takes the credentials and also requests the MFA OTP for the applicable user. But after that it just gets stuck and does not redirect me to the application's redirect URI as configured.
Any sample script will be appreciated.

I suspect the redirect code needs to be added to the JavaScript.

I am following the basic JavaScript shared within the Okta documentation.

Hello,
Can you add a link to the JavaScript code you are using from Okta's documentation?

There could be a number of reasons this is happening.

  • To verify: you are not using a self-hosted widget, but rather redirecting to the Okta-hosted login page for your org?
  • If so, is this the default login page or a custom login page with a custom URL domain?

So basically I am using the code from the live widget currently. I am looking to understand how the method showSignInAndRedirect will help in my case, as I am using the Auth Code flow.

Now I have managed to eliminate the error in the JavaScript by using:
signIn.showSignInAndRedirect({ el: '#widget-container', clientId: '<%= process.env.CLIENT_ID %>', redirectUri: '<%= process.env.REDIRECT_URI %>' });

I have not been able to use the sign-in due to a CORS error.

I have already added my domain to both CORS and Redirect within Okta API - Trusted Origins.
I am not sure what is causing my XMLHttpRequest to fail despite the proper trusted origins.

Error in Chrome:
Access to XMLHttpRequest at 'https://XXXX.okta.com/api/v1/sessions/me' from origin 'https://XXXXX.com' has been blocked by CORS policy: Request header field x-okta-user-agent-extended is not allowed by Access-Control-Allow-Headers in preflight response.

Below is the script used for login, but after entering user credentials the login keeps spinning and doesn't go anywhere.

Login screen : after credentials verification-

However, Okta system logs show that the user is authenticated and verified.

My concern is why the OAuth flow doesn't pick up from here on after the authentication completes.

What is the last network call you see when you attempt to login and the widget gets stuck like this? Does it succeed or fail? Anything in the console?
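
The browser-side check behind the Chrome CORS error quoted earlier in this thread, as an added example that is not part of any post and is not Okta's code. The function names, hostnames, header value and preflight response below are constructed for illustration; run it against the request and response headers copied from the failing OPTIONS call in the browser's network tab.

```javascript
// Added example (not Okta code): why a browser rejects a CORS preflight.
const SIMPLE_TYPES = ['application/x-www-form-urlencoded', 'multipart/form-data', 'text/plain'];
const ALWAYS_SAFE = new Set(['accept', 'accept-language', 'content-language']);
// Split a comma-separated header value into lower-cased tokens.
const tokens = (v) => (v || '').split(',').map((t) => t.trim().toLowerCase()).filter(Boolean);

// True when a header needs no approval from Access-Control-Allow-Headers.
// (Simplified: the Fetch spec also limits value length and characters.)
function isSafelisted(name, value) {
  if (ALWAYS_SAFE.has(name)) return true;
  if (name !== 'content-type') return false;
  return SIMPLE_TYPES.includes(String(value).split(';')[0].trim().toLowerCase());
}

// req: { origin, withCredentials, headers: { name: value } }
// res: preflight response headers keyed by lower-cased name
// Returns a list of problems; an empty list means the preflight passes.
function checkPreflight(req, res) {
  const problems = [];
  const allowOrigin = res['access-control-allow-origin'];
  const originOk = allowOrigin === req.origin || (allowOrigin === '*' && !req.withCredentials);
  if (!originOk) problems.push(`origin ${req.origin} not allowed`);
  if (req.withCredentials && res['access-control-allow-credentials'] !== 'true') {
    problems.push('credentials not allowed');
  }
  const allowed = new Set(tokens(res['access-control-allow-headers']));
  // "*" is a wildcard only for requests sent without credentials.
  const wildcard = allowed.has('*') && !req.withCredentials;
  for (const [rawName, value] of Object.entries(req.headers)) {
    const name = rawName.toLowerCase();
    if (allowed.has(name) || isSafelisted(name, value)) continue;
    if (wildcard && name !== 'authorization') continue; // "*" never covers Authorization
    problems.push(`header ${name} not in Access-Control-Allow-Headers`);
  }
  return problems;
}

// Constructed sample modelled on the error in this thread; hostnames are placeholders.
const sampleRequest = {
  origin: 'https://app.example.com',
  withCredentials: true,
  headers: { Accept: 'application/json', 'Content-Type': 'application/json',
             'X-Okta-User-Agent-Extended': 'okta-signin-widget' },
};
const samplePreflight = {
  'access-control-allow-origin': 'https://app.example.com',
  'access-control-allow-credentials': 'true',
  'access-control-allow-headers': 'Content-Type, Accept',
};
console.log(checkPreflight(sampleRequest, samplePreflight));
```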