Discourse Plugin Access-Control-Allow-Origin


I am using the Discourse Auth0 plugin from GitHub - auth0/discourse-plugin: Discourse plugin to authenticate with auth0. with Discourse 2.0beta3.
The login window shows up instead of Discourse’s own login, but I can never login because of a cross site error.
In the Chrome console it says:
(I had to replace the URLs since as a new users I can’t post links.)

Failed to load URL: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘URL2’ is therefore not allowed access.

I already added URL2 to Allowed Web Origins and Allowed Origins (CORS) in the client settings for which I entered the data into the auth0 plugin.

I tested it also with Internet Explorer and it always says wrong email/password, but shows a similar error on the console:

SEC7120: Origin URL2 not found in Access-Control-Allow-Origin header.

Do I need to enter the original URLs anywhere else in the Auth0 dashboard or the plugin?

This plugin is on its way to being deprecated for the time being. Instead we recommend that you use the Discourse OAuth2 Basic plugin

We also talked a bit about it here: