API being blocked by CORS even though it's an allowed origin

spoiledgoods · September 20, 2019, 5:27pm

I just started using Auth0 a few days ago and have run into issues after getting auth to work.

I am using the Universal Login with success. Immediately after the user is authenticated I hit my endpoint (https://api.{DOMAIN}.ca/api/users/me) but receive the following error: Access to XMLHttpRequest at 'https://api.{DOMAIN}.ca/api/users/me' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

In the screenshot below you can see that http://localhost:4200 is an allowed CORS origin.

Here is the code snippet where the endpoint is hit:

environment.api.users = ‘https://api.{DOMAIN}.ca/api/users’

getMe(): Observable<UserModel> {
    return this.http
      .get<UserModel>(`${`${environment.api.users}`}/me`)
      .pipe(
        map(result => result),
        catchError(error => throwError(error))
      );
  }

I have tried using an endpoint of https://api.{DOMAIN}.ca/api/v2/users as I’ve seen in some cases.

James.Morrison · September 27, 2019, 5:52pm

Hi there @spoiledgoods, I wanted to reach out and let you know I am looking into this. Thanks!

alex20 · May 20, 2020, 8:31am

I’m also facing this issue.

1qlee · May 26, 2020, 12:19am

I am also having this same issue and cannot figure it out for the life of me. I get why the CORS error occurs, but I don’t understand why adding my URL to “Allowed Origins” does not fix the problem? For reference, I am developing locally (localhost:8000) and calling Auth0 API using fetch.

emanb29 · May 29, 2020, 12:22am

Having the same issue here

RockDog · June 29, 2020, 4:45am

I’m having the same issue. Attempted to use a cross-origin verification page, but still not working.

mkhoussid · September 7, 2020, 9:00am

Same issue. What can be going on here?