I am using the React SPA guide as a template: https://auth0.com/docs/quickstart/spa/react
I am redirected to the hosted login page and login successfully. However, when I try to process the token, the XHR is blocked with this error:
“Request has been terminated
Possible causes: the network is offline, Origin is not allowed by Access-Control-Allow-Origin, the page is being unloaded, etc.”
The URL of the request is: https://MY_AUTH0_DOMAIN/.well-known/jwks.json
What am I doing wrong? I have the domain listed as an Allowed Origin (CORS) in the auth0 panel.
This is especially bad on mobile safari iOS as it causes an infinite login loop. On desktop it seems to fail the first time but then reload the page and work the second time.