CORS errors on /oauth/token with Sentry

rueben.tiow · August 23, 2023, 4:11pm

Problem statement

Now that we’ve added a custom domain, but we are getting CORS errors on /oauth/token.

Symptoms

CORS error on /oauth/token

Troubleshooting

Steps that can be taken by the user to identify and verify the problem, including relevant links to external resources

Cause

Sentry is adding the sentry-trace and baggage headers to XHR requests to /oauth/token, but these headers aren’t allowed, per the Access-Control-Allow-Headers response header on /oauth/token.

Solution

Update the tracePropagationTargets regex expression to exclude https://DOMAIN/oauth/token. Then, Sentry won’t add the sentry-trace and baggage headers to XHR request to /oauth/token.

Sentry Docs: Automatic Instrumentation for Browser JavaScript | Sentry Documentation

Topic		Replies	Views
CORS error ("xxx is not allowed by Access-Control-Allow-Headers in preflight response") Help api , custom-domain , cors	4	5124	November 1, 2024
CORS error on POST /token Knowledge Articles	1	647	August 10, 2023
Why Im getting CORS error when using custom domain Auth? Help classic-universal-login-experience , login-experience	0	1106	May 21, 2023
Custom domain and token issue Help configuration , application	2	835	August 3, 2023
Intermittent CORS 401 on token request Help configuration , application	2	1240	December 9, 2022