API being blocked by CORS even though it's an allowed origin

spoiledgoods · September 20, 2019, 5:27pm

I just started using Auth0 a few days ago and have run into issues after getting auth to work.

I am using the Universal Login with success. Immediately after the user is authenticated I hit my endpoint (https://api.{DOMAIN}.ca/api/users/me) but receive the following error: Access to XMLHttpRequest at 'https://api.{DOMAIN}.ca/api/users/me' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

In the screenshot below you can see that http://localhost:4200 is an allowed CORS origin.

Here is the code snippet where the endpoint is hit:

environment.api.users = ‘https://api.{DOMAIN}.ca/api/users’

getMe(): Observable<UserModel> {
    return this.http
      .get<UserModel>(`${`${environment.api.users}`}/me`)
      .pipe(
        map(result => result),
        catchError(error => throwError(error))
      );
  }

I have tried using an endpoint of https://api.{DOMAIN}.ca/api/v2/users as I’ve seen in some cases.

James.Morrison · September 27, 2019, 5:52pm

Hi there @spoiledgoods, I wanted to reach out and let you know I am looking into this. Thanks!

alex20 · May 20, 2020, 8:31am

I’m also facing this issue.

1qlee · May 26, 2020, 12:19am

I am also having this same issue and cannot figure it out for the life of me. I get why the CORS error occurs, but I don’t understand why adding my URL to “Allowed Origins” does not fix the problem? For reference, I am developing locally (localhost:8000) and calling Auth0 API using fetch.

emanb29 · May 29, 2020, 12:22am

Having the same issue here