CORS Error - New Tenant

Hello, I created a new tenant to use for development and unfortunately came across the error:
“Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 400”.

I am using the following SDK:

  • Which SDK this is regarding: Auth0-JS
  • SDK Version: V9

I am using localhost:3000 to test right now & I have configured it to be allowed in our applications settings.

I have included code snippets of both functions I am testing, one is using Auth0-JS and the other one is using fetch.

My function using web auth:

var auth = new auth0.WebAuth({
  domain: `${process.env.REACT_APP_AUTH}`,
  clientID: `${process.env.REACT_APP_AUTH}`,
  redirectUri: 'http://localhost:3000',
  responseType: 'token id_token'

function sendOTPa(email) {
      client_id: process.env.AUTH,
      connection: "email",
      send: "code",
      email: email,
    function (err, res) {
      console.log("AUTH-TEST: " + err + res);

Function using fetch:

function sendOTPf(email) {
  console.log("Users Email is: " + email);
  fetch(process.env.REACT_APP_AUTHDOMAIN + "/passwordless/start", {
    method: "POST",
    headers: {
      "Content-Type": "application/json"
    mode: "cors",
    body: JSON.stringify({
      client_secret: process.env.AUTH,
      client_id: process.env.AUTH,
      connection: "email",
      email: email,
      send: "code",
  }).catch((err) => {

A screenshot of the error:

I was able to fix the issue. It was an issue with me not passing the client_id correctly & the passwordless connection being enabled.

1 Like

Perfect! Thanks for sharing that with the rest of community!