API being blocked by CORS even though it's an allowed origin

I just started using Auth0 a few days ago and have run into issues after getting auth to work.

I am using the Universal Login with success. Immediately after the user is authenticated I hit my endpoint (https://api.{DOMAIN}.ca/api/users/me) but receive the following error: Access to XMLHttpRequest at 'https://api.{DOMAIN}.ca/api/users/me' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

In the screenshot below you can see that http://localhost:4200 is an allowed CORS origin.

Here is the code snippet where the endpoint is hit:

environment.api.users = ‘https://api.{DOMAIN}.ca/api/users’

getMe(): Observable<UserModel> {
    return this.http
      .get<UserModel>(`${`${environment.api.users}`}/me`)
      .pipe(
        map(result => result),
        catchError(error => throwError(error))
      );
  }

I have tried using an endpoint of https://api.{DOMAIN}.ca/api/v2/users as I’ve seen in some cases.

Hi there @spoiledgoods, I wanted to reach out and let you know I am looking into this. Thanks!

I’m also facing this issue.

I am also having this same issue and cannot figure it out for the life of me. I get why the CORS error occurs, but I don’t understand why adding my URL to “Allowed Origins” does not fix the problem? For reference, I am developing locally (localhost:8000) and calling Auth0 API using fetch.

Having the same issue here

I’m having the same issue. Attempted to use a cross-origin verification page, but still not working.

Same issue. What can be going on here?

Me too. It works fine in Postman for me, but not in my app with the same values. Has anyone figured this out yet?

Same issue here. Been puzzling on this for hours now, but still don’t have a solution or workaround.

Anyone?