Access-Control-Allow-Credentials failure when trying to fetch the token

farcaller · February 22, 2020, 9:01am

Apparently it was flutter all along.

The release build includes a service worker which has a handler like this:

self.addEventListener('fetch', function (event) {
  event.respondWith(
    caches.match(event.request)
      .then(function (response) {
        if (response) {
          return response;
        }
        return fetch(event.request, {
          credentials: 'include'
        });
      })
  );
});

As you can see, it forcefully injects credentials: 'include' into all the requests, thus making auth0 requests fail because they lack the Access-Control-Allow-Credentials.

Topic		Replies	Views
Fail to request access token from Auth0 Get Help jwt	5	2843	May 14, 2022
Cross origin with login credentials is not working Get Help login	2	3339	September 4, 2019
CORS Error - New Tenant Get Help api , auth0js , cors	3	2698	July 28, 2022
CORS issue on /oauth/token request Get Help cors , token-endpoint	5	8931	September 3, 2019
Auth0 cors error coming auth0/token api even after adding my domain in allowed cors origin Get Help access_token	2	3341	March 24, 2022

Access-Control-Allow-Credentials failure when trying to fetch the token

Related topics