Hi @tswetonic,
Thanks for following up and providing clarification.
I double-checked and see now that you have configured your Allowed Web Origins for your application to point to the correct domain.
Circling back, when we encounter the error message “No ‘Access-Control-Allow-Origin’ header,” it means that either the Access-Control-Allow-Origin header is not set correctly for the domain or it is missing entirely.
When this happens, we need to make sure the server sends the correct “Access-Control-Allow-Origin” header information in the response.
To learn more about this error, please refer to - Reason: CORS header 'Access-Control-Allow-Origin' missing - HTTP | MDN.
For example, you can configure the server to send the following header.
Access-Control-Allow-Origin: [https://<my-tenant>.us.auth0.com](https://%3Cmy-tenant%3E.us.auth0.com/)
OR
Access-Control-Allow-Origin: *
Could you please let me know how this works for you?
If the issue persists even after making these changes, could you please capture the login events in a HAR file and send them to me as a direct message?
Thanks,
Rueben