CORS errors on /oauth/token with Sentry

Problem statement

Now that we’ve added a custom domain, but we are getting CORS errors on /oauth/token.


  • CORS error on /oauth/token


  • Steps that can be taken by the user to identify and verify the problem, including relevant links to external resources


  • Sentry is adding the sentry-trace and baggage headers to XHR requests to /oauth/token, but these headers aren’t allowed, per the Access-Control-Allow-Headers response header on /oauth/token.


Update the tracePropagationTargets regex expression to exclude https://DOMAIN/oauth/token. Then, Sentry won’t add the sentry-trace and baggage headers to XHR request to /oauth/token.

Sentry Docs: Automatic Instrumentation for Browser JavaScript | Sentry Documentation

1 Like