V1/token endpoint receiving CORS error

Only my dev account has this issue. Our Okta preview account is working correctly.

Endpoint: https://dev-xxx.okta.com/oauth2/default/v1/token
origin: https://localhost:3000 – which is in the allowed origins in Okta account with both CORS and Redirect enabled.

Access to fetch at ‘https://dev-xxxx.okta.com/oauth2/default/v1/token’ from origin ‘https://localhost:3000’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.

My dev account is on [Version 2021.12.1 C]

Silly, but I’ve seen this pop up a few times where the trusted origin is https whereas the actual localhost url is http

You might also want to confirm that the default server https://dev-xxxx.okta.com/oauth2/default/.well-known/openid-configuration exists - A missing SKU (API Access Management) can also cause this.

It ended up being a wrong clientid in our configuration. Thanks for the response!

This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.