CORS Error- Despite correct settings in newly created tenant

thefastcat · June 22, 2018, 10:08pm

Hello - my work account doesn’t allow me to login so I’m on my personal account.

I’m updating a legacy application for work and the request to get a token fails with the Cors issue stated here:

            return $.ajax({
                url: `https://nusspro.auth0.com/oauth/token`,
                type: 'POST',
                crossDomain: true,
                data: {
                    grant_type: 'client_credentials',
                    client_id: my.auth0APIClientID,
                    client_secret: my.auth0APIClientSecret,
                    audience: `https://nusspro.auth0.com/api/v2/`
                },
                success: function (data) {
                    // todo - consume access token
                    return data.access_token;
                },
                error: function (jqXHR) {
                    console.log(json.stringify(jqXHR));
            }});

what should I use instead ?

Jeff_Gochin · June 24, 2018, 1:13pm

I started having the same problem with a Tenant created 2 weeks ago. Preflight passes on call to /oauth/token end-point, but the actual request fails. On a Tenant created last year the same request works perfectly. Is the Auth0 team actively looking into this? Is there a Tenant level setting required to fix this?

Jeff_Gochin · June 24, 2018, 1:30pm

UPDATE: I created a new Tenant today and it also exhibits the same behavior. OPTIONS request 200, POST request 401 calling /oauth/token.

SaltyDH · July 30, 2018, 9:59am

We ended up giving up on this. I never got a response back from Auth0 on this. We moved to proxying the calls through our application and passing them onto Auth0 from there. Too many bugs creeping into Auth0’s platform lately not to mention totally new ways of authenticating every year it seems.