Error in userinfo endpoint - status 400 No 'Access-Control-Allow-Origin' header is present on the requested resource

liav.zilbershtein · September 2, 2019, 10:33am

Hi,
Recently I start to get 400 error when trying to get the user info.
The error in the console is :
Access to XMLHttpRequest at ‘https://oz-dev.eu.auth0.com/userinfo’ from origin ‘http://localhost:4200’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
Request has been terminated
Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc.

I tried to allow it in the dashboard - and it didn’t work(the address is already in the allowed callback urls). Moreover, i tried to connect to another tenant in auth0 and it works. It started to fail only in the last days.

The OPTIONS request is:

liav.zilbershtein · September 2, 2019, 11:01am

I tested it in postman and received an error similar to

The problem was that the token was large because my custom claim was too large.
I fixed it by cleaning it and deleting redundant data.

konrad.sopala · September 2, 2019, 11:02am

Thanks a lot for sharing it with the rest of community!