Hi,
I’m building an app with express as backend (running on localhost:9000) and create-react-app as frontend (in development running on localhost:3000).
I use the auth0 middleware on the backend to authenticate users and everything works fine if I access localhost:9000.
To make development easier, I’d like to serve the frontend on localhost:3000 and have configured a proxy for localhost:3000/api …/login …/callback …/logout to localhost:9000.
Tried various methods here:
I now however get the following error in the browser:
Access to fetch at ‘https://[…].auth0.com/authorize?nonce=[…]’ (redirected from ‘http://localhost:3000/api/[...]’) from origin ‘http://localhost:3000’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. If an opaque response serves your needs, set the request’s mode to ‘no-cors’ to fetch the resource with CORS disabled.
I see
access-control-allow-origin: *
on localhost:3000/login but not for the auth0 urls.
Seems …auth0.com/authorize is redirecting to the relative path ‘/login’ which is proxied by localhost:3000. Strangely it works if I proxy all requests or access localhost:9000. Anyone have an idea how to make this work?