Problems with okta & cors in kubernetes

I’ve got an Angular app connecting to a Spring boot API and both are protected by okta with the means of the same "application. It works properly locally, it also works if I run my angular and spring boot docker containers locally but I have problems on my remote kubernetes.

I can login to okta with my angular (frontend) app, I can also login to my spring boot (backend app). I can retrieve data from the backend api by entering the right REST address in the browser. But when I try to access the backend from frontend, I get the following error:

Access to XMLHttpRequest at 'https://dev-933944.okta.com/oauth2/default/v1/authorize?response_type=code&client_id=0oa213871t9STk5R8357&scope=openid%20profile%20email&state=hjJmBYKm8qjNiIK_hOshBWcsO8KQTNYpPS1NIiMupWs%3D&redirect_uri=https://backend-svc-dxfkonrad.cloud.okteto.net/login/oauth2/code/okta&nonce=NSHty47EoLbXyCh7zkiXWt3jEDcZIQo0yTg_XVcYp1M' (redirected from 'https://backend-svc-dxfkonrad.cloud.okteto.net/follow-me/tracks') from origin 'https://frontend-svc-dxfkonrad.cloud.okteto.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Both the localhost and the kubernetes frontend app addresses are entered in the allowedOrigins in the backend app.
Anybody had such a problem? As I said, it works locally.
Thank you in advance
Konrad

Hi @advii,

Could you let us know how you are accessing /authorize ?
As mentioned in the doc, when making requests to the /authorize endpoint, the browser (user agent) should be redirected to the endpoint. You can’t use AJAX with this endpoint.

Hi,
not sure what would be the answer to this question:/
in my okta application in okta console I have the following settngs:
Client acting on behalf of a user

x Authorization Code

Refresh Token

x Implicit (Hybrid)

x Allow ID Token with implicit grant type

x Allow Access Token with implicit grant type

Login redirect URIs 

http://localhost:8080/login/oauth2/code/okta	
https://oidcdebugger.com/debug	
http://localhost:4200/redirect	
http://localhost:4200/implicit/callback	
https://frontend.cloud.okteto.net/login/oauth2/code/okta	
https://frontend.cloud.okteto.net/redirect	
https://frontend.cloud.okteto.net/implicit/callback	
https://backend.cloud.okteto.net/login/oauth2/code/okta	

Logout redirect URIs 

http://localhost:4200	
https://frontend.cloud.okteto.net/	

Login initiated by App Only

Initiate login URI http://localhost:8080/login/oauth2/code/okta

As of the angular frontend app I have just used the standard okta angular package and my setup looks like this:

const oktaConfig = {
  issuer: 'https://dev-....okta.com/oauth2/default',
  redirectUri: window.location.origin + '/implicit/callback',
  clientId: '...',
  pkce: false
};

As I said, it works on localhost with both docker and without docker.

@advii Would you be able to email developers@okta.com with the details to troubleshoot further ?