CORS errors with the wordpress plugin

Hi guys I’ve got the plugin installed and can authenticate when i start chrome with no security (google-chrome --disable-web-security --user-data-dir) However, when I run the plugin as normal it errors out when i use either password or passwordless logins. Specifically, I can get the authorization code and when I enter it in lock, it fails with the error below:

Failed to load https://<my-domain> Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://<my-domain>.com' is therefore not allowed access.

Should I be editing my apache config to fix this? or does wordpress prefer I do something else?

As it has been more than a few months since this topic was opened, and there has been no reply or further information provided as to the existence of the issue, we are closing this topic. Please don’t hesitate to create a new topic if this issue is still present, we would be happy to work with you to help find a resolution.