Problem statement
Now that we’ve added a custom domain, but we are getting CORS errors on /oauth/token.
Symptoms
- CORS error on /oauth/token
Troubleshooting
- Steps that can be taken by the user to identify and verify the problem, including relevant links to external resources
Cause
- Sentry is adding the
sentry-traceandbaggageheaders to XHR requests to /oauth/token, but these headers aren’t allowed, per the Access-Control-Allow-Headers response header on /oauth/token.
Solution
Update the tracePropagationTargets regex expression to exclude https://DOMAIN/oauth/token. Then, Sentry won’t add the sentry-trace and baggage headers to XHR request to /oauth/token.
Sentry Docs: Automatic Instrumentation for Browser JavaScript | Sentry Documentation