Weird Okta signoff CORS error, but only on one application when loggin out


I’ve got an app, that’s working on my dev, box in node, hosted in IIS on my dev box, and built and auto deployed from our dev server. Login fine, Logout fine.

When we used the same system to deploy it to QA, now logout no longer works.

I get this error:
dashboard:1 Access to fetch at ‘’ from origin ‘’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled. Failed to load resource: net::ERR_FAILED
DevTools failed to load source map: Could not load content for webpack:///node_modules/exceljs/dist/ HTTP error: status code 404, net::ERR_UNKNOWN_URL_SCHEME

I’m calling okta-vue.js 3, and that lib is calling revoke for me. How can it fail cors check from one okta app defined in the admin console and not another running the same code?



Did you add your application URL as a Trusted Domain for CORS?

I did but I still see the same problem

hm… that should have been all you needed to do.

Just in case, you’re not mixing up two different Okta tenants are you (aka, adding the Trusted Origin to a different org)?

I pretty sure I am not since I only have only created one
I also verified that the domains (API call vs settings) match

I found the issue.

It seems like my company has some domain mapping on their computers that prevent the logout to be successful regardless of the CORS being set up correctly.

I was able to successfully sign out on a computer outside of their network.

I will still leave this post here in case it helps somebody.

You did what?

I dont’ get the context in your return emails (which frankly sucks)