WordPress CORS issue after push sent to phone

I have the Okta/WP plugin working. I have set everything up, including CORS as was recommended in the few guides I could find. However, I am getting a CORS error after the push notification is sent. Everything works up until that last step. The notification is sent to my phone and I click Yes. Then (in the console) the login page shows a CORS error.

Again, I set up CORS properly (it blocks the initial step if not set up) and have everything else working. On the Okta side I do not see any error logs or anything.

Any help would be appreciated as this is something I really want to get done.

What URL is encountering the CORS error?

https://octo-boomi.pantheonsite.io/

Is that the site where the plugin is being loaded, or is that the URL that you see in the CORS error? Might be easier if you can share a screenshot of the error you see in the developer console so we can check who is throwing the error (Okta side? WP? etc)

Sorry for the short reply - pretty useless 🙂

I’ve attached 2 screenshots. One is of my settings. The other is of the error I get. Again, it occurs after I click “Yes it’s me” on my phone and I get the green success message (on my phone).

To me it looks like it’s on the Okta side. I’ve tested it on a few other URLs and still get the same error in the end.


The Issuer URI is incorrect. Remove /v1/authorize and retry

If I remove /v1/authorize (it’s now: https://dev-87647795.okta.com/oauth2/default) I get a new console error:

I had this error before and when I did some internet digging it told me to add /v1/authorize…guess that’s not the solution 🙂

It looks like the /authorize call may be succeeding, but the /token call is failing

At least this time it’s a valid endpoint, but you’re getting a 401. What type of application did you make in Okta/what type of client authentication does it have? Is it a Web app with a Client Secret, or is it a SPA or Native app with PKCE? If it’s not a SPA with PKCE, can you make a new app that is a SPA with PKCE and use that Client ID in the config instead?

Thank you so much!!!

I’ve been pounding my head against a wall for a week.

For clarity, the solution is to create the app that is a SPA with PKCE
