Connection to https://<my account>/oauth/token is blocked

Hi! I am integrating auth0.js into a VueJS client. In a development environment, everything works great.
But when I deploy this (NodeJS server serve this from the public folder) I get the following error:

Refused to connect to ‘https:///oauth/token’ because it violates the following Content Security Policy directive: “default-src ‘self’”. Note that ‘connect-src’ was not explicitly set, so ‘default-src’ is used as a fallback.

My code is below

const auth0Client = new auth0.WebAuth({
  domain: authConfig.domain,
  clientID: authConfig.clientID,
  audience: authConfig.apiAudience,
  redirectUri: authConfig.callbackUrl,
  scope: authConfig.scope,
  responseType: authConfig.responseType,

          realm: "Username-Password-Authentication",
          username: this.user,
          password: this.password,
        (err, authResult) => {...

I omit the rest for clarity. I’m lost. Any help is greatly appreciated it.

Hi @berlaga,

Welcome to the Community!

It looks like the error is missing your domain https:///oauth/token.

This suggests your config file is not making it to the deployment for some reason.

I skip my account for clarity. That was not the reason

Have you looked into the error? This SO questions covers it pretty thoroughly.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.