I have an application defined, with a callback of
Auth0 says that "By default, all your callback URLs will be allowed. "
However, on a redirect to
the OPTIONS preflight does not return any origin headers,
access-control-allow-headers: Origin, Content-Type, Accept, X-Requested-With, Authorization, Auth0-Client, X-Request-Language
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
and therefore the request fails with the infamous
No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
What am I missing ?