Embedded login/lock not working

tswetonic · July 13, 2023, 4:28pm

Does embedded login using lock work? I’m seeing the problem described here
and I have Allowed Web Origins and Allowed Origins (CORS) configured with my domain.

Is there anything else I can try? Has anyone gotten lock to work as an embedded login recently?

Thanks

rueben.tiow · July 13, 2023, 11:13pm

Hi @tswetonic,

Welcome to the Auth0 Community!

Yes, embedded login using Auth0 Lock does work. (Reference: Embedded Login)

Seeing that you have been experiencing issues with the No ‘Access-Control-Allow-Origin’ header error, could you please confirm if the URL you are trying to reach is the same URL you defined in your Allowed Web Origins?

Additionaly, when looking at your application settings, it seems that your Allowed Web Origins in your application’s Settings view has not yet been set to the domain making the request. See Configure Cross-Origin Resource Sharing for a thorouh guide to setup CORS.

Please let me how it goes for you after making these changes.

Thanks,
Rueben

tswetonic · July 14, 2023, 12:35am

As I said, I configured Allowed Web Origins according to the documentation.

rueben.tiow · July 14, 2023, 4:49pm

Hi @tswetonic,

Thanks for following up and providing clarification.

I double-checked and see now that you have configured your Allowed Web Origins for your application to point to the correct domain.

Circling back, when we encounter the error message “No ‘Access-Control-Allow-Origin’ header,” it means that either the Access-Control-Allow-Origin header is not set correctly for the domain or it is missing entirely.

When this happens, we need to make sure the server sends the correct “Access-Control-Allow-Origin” header information in the response.

To learn more about this error, please refer to - Reason: CORS header 'Access-Control-Allow-Origin' missing - HTTP | MDN.

For example, you can configure the server to send the following header.

Access-Control-Allow-Origin: [https://<my-tenant>.us.auth0.com](https://%3Cmy-tenant%3E.us.auth0.com/)

OR

Access-Control-Allow-Origin: *

Could you please let me know how this works for you?

If the issue persists even after making these changes, could you please capture the login events in a HAR file and send them to me as a direct message?

Thanks,
Rueben

system · July 28, 2023, 4:50pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.