Auth0 Home Blog Docs

CORS issue using /authorize endpoint



I’m using angular2 app. Have been following the api documentation , singup, password change, custom login all work fine, except the social login progiders. I’m specifically using the Social authentication, google and facebook. From angular app I’m calling /authorize end point and I’m getting below error message

XMLHttpRequest cannot load Redirect from ‘’ to ‘…callback&state=ckuE1ECsJ2C19K78cLiF8j8LHtdfnOiS&client_id=1876559642565417’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://localhost:5555’ is therefore not allowed access.

Here is my angular2 code

let url = ‘’ + Config.auth0ClientID +
’&connection=’ + providerType + ‘&state=rmo-social-auth-csrf-token’;

return this.http.get(url)

following the link I tried to navigate to the URL instead of making an http call as above, but still I get the same exact error message.

NOTE: if I use the lock0 js methods as below, social provider works fine. I have enabled my end points in CORS section of auth0 dashboard. So issue is not at on google side.

connection: providerType,
redirect: true,
popupOptions: {
width: 450,
height: 600


This is not an Auth0 issue, but rather the behaviour in Chrome, where Chrome does not support localhost to go through the Access-Control-Allow-Origin. Please see the following post for details: