API being blocked by CORS even though it's an allowed origin

spoiledgoods · September 20, 2019, 5:27pm

I just started using Auth0 a few days ago and have run into issues after getting auth to work.

I am using the Universal Login with success. Immediately after the user is authenticated I hit my endpoint (https://api.{DOMAIN}.ca/api/users/me) but receive the following error: Access to XMLHttpRequest at 'https://api.{DOMAIN}.ca/api/users/me' from origin 'http://localhost:4200' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

In the screenshot below you can see that http://localhost:4200 is an allowed CORS origin.

Here is the code snippet where the endpoint is hit:

environment.api.users = ‘https://api.{DOMAIN}.ca/api/users’

getMe(): Observable<UserModel> {
    return this.http
      .get<UserModel>(`${`${environment.api.users}`}/me`)
      .pipe(
        map(result => result),
        catchError(error => throwError(error))
      );
  }

I have tried using an endpoint of https://api.{DOMAIN}.ca/api/v2/users as I’ve seen in some cases.

James.Morrison · September 27, 2019, 5:52pm

Hi there @spoiledgoods, I wanted to reach out and let you know I am looking into this. Thanks!

alex20 · May 20, 2020, 8:31am

I’m also facing this issue.

1qlee · May 26, 2020, 12:19am

I am also having this same issue and cannot figure it out for the life of me. I get why the CORS error occurs, but I don’t understand why adding my URL to “Allowed Origins” does not fix the problem? For reference, I am developing locally (localhost:8000) and calling Auth0 API using fetch.

emanb29 · May 29, 2020, 12:22am

Having the same issue here

RockDog · June 29, 2020, 4:37am

I’m having the same issue. Attempted to use a cross-origin verification page, but still not working.

mkhoussid · September 7, 2020, 9:00am

Same issue. What can be going on here?

ryanbuckleyca · October 19, 2020, 2:32am

Me too. It works fine in Postman for me, but not in my app with the same values. Has anyone figured this out yet?

hans.bouwmeester · December 8, 2020, 3:04am

Same issue here. Been puzzling on this for hours now, but still don’t have a solution or workaround.

Anyone?

ryanparrishux · September 7, 2021, 12:09pm

Running into the same issue. I followed the docs for these issues. Put localhost in the allowed web origins and CORS.

yaacov · September 15, 2022, 8:32am

Hey @James.Morrison, i’m hitting this issue as well and it’s been a few years. Any updates?
This is a blocker for my company’s auth0 adoption

Topic		Replies	Views
CORS issues on localhost Help cors , localhost	11	15957	May 28, 2021
No 'Access-Control-Allow-Origin' header is present on the requested resource Help cors	33	14603	January 28, 2021
Facing CORS error when fetching (from Front END) APIs (endpoints using requiresAuth()) in Express Server Help community-topic , other	1	2513	February 25, 2023
Access to XMLHttpRequest has been blocked by CORS policy Help management-api , custom-domains	0	2435	December 29, 2022
Auth0 cors error coming auth0/token api even after adding my domain in allowed cors origin Help access_token	2	3300	March 24, 2022

API being blocked by CORS even though it's an allowed origin

Related Topics