Failed by CORS Error - Origin [URL] is not allowed. Behavior used for check: WEB ORIGINS

Hi All,
I have a web app that uses Auth0 for log in/authentication.
I created a new user account for a client with a temp password - I am able to successfully log in to using those credentials.
But they are unable to log into the system (tried on multiple devices/browsers)

Logs display Failed by CORS Error - Origin [URL] is not allowed. Behaviour used for check: WEB ORIGINS.

Any help would be really appreciated.


Hi @info32,

Could you clarify some things?

What do you mean log into the system? You say they are able to successfully login in the line above, what is the difference here? Screenshots can be helpful.

Where are you getting this error? From your Auth0 logs on the admin console, or from your application logs?

Let me know,

Hi Dan,
Thanks for a prompt response, in answer to your questions:

  1. User visits my website - Presses login button > which opens the Auth0 login modal > enter their username/password > press sign in -> Auth modal displays error ‘Oops something went wrong’
  • However I am able to log successfully into the website with their credentials.
  1. Yes the Auth0 logs on the admin console are displaying the Failed by CORS (at the time that this user is trying to log in)

When the Auth0 login page is loaded it generates 2 issues (see attached screenshot)

Thanks in advance


The SameSite warning could be trivial, Chrome recently changed how cookies are handled and we are setting a duplicate cookie to comply with the changes.

I can’t speak to the appendChild error, I would probably have to see the code it is related to.

Did you follow a quickstart or tutorial to set up your auth? Could you provide me with a HAR file of the transaction?

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.