React/Lambda/Okta Tutorial getting CORS error

I followed this guide and set up this application:

I set everything up exactly as the guide instructs, and entered my relevant .env values:

REACT_APP_OKTA_CLIENTID={I replaced this with my Okta app clientid}
REACT_APP_AMAZON_API_BASE=https://{amazon’s invoke url for the function I created}

I added http://localhost:3000 to trusted origins which resolved an initial log in CORS error. But now it returns two instances of a different CORS error:

Access to XMLHttpRequest at '' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Is there a setting I’m missing?

Hi @cling,

It looks like your org doesn’t have the API Access Management feature.
If you open in a browser you’ll see the error You do not have permission to access the feature you are requesting

In order to get your application working, you’ll need this feature enabled (probably talking to Okta support) -

You can also sign up for a free developer org at and use that org for testing this, before enabling it your org.

Hope this helps.