We’re getting the following error after upgrading Auth0 WP plugin to v4.0.0.
Access to XMLHttpRequest at 'https:/[our auth0 account].eu.auth0.com/usernamepassword/challenge' from origin 'https://[our domain].com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Our domain ( https://[our domain].com ) as well as the page ( https://[our domain].com/dashboard ) where the Auth0 powered login is placed are added to Allowew Origins (CORS) field in our Application settings but the issue still exists.
Any recommendation on how to tackle this issue?
Thank you
Hi, we have the same issue after upgrading. Did all the steps below.
How was it solved at your end developer6?
Access to XMLHttpRequest at ‘https:/[our auth0 account].eu.auth0.com/usernamepassword/challenge’ from origin ‘https://[our domain].com’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
We’re getting the same issue since updating to the wordpress plugin v4.0. We set the domain in both Allowed Web Origins and Allowed Origins (CORS). Our error is identical to the one above.
Apologies for the trouble here and happy to help troubleshoot.
Can someone post what page(s) that this error is appearing on and what action is being taken to generate it? Also, if you can post any non-default settings you’re using, specifically:
Custom domain?
Universal login?
Widget or shortcode login form?
Passwordless?
Anything you can provide around how to reproduce this error would be helpful. Thank you!
Unfortunately we don’t have a live environment which uses v4.0 atm. But I can say the following regarding our settings:
Custom domain: No
Universal login: No
Widget or shortcode login form: Yes
Passwordless: No
Also:
The error occurs right way on page load
WP v5.3.2, WooCommerce v3.9.2 and PHP v7.3 is the setup we have
p.s. I might be able to create a staging environment with v4.0. I’d rather not share the URL here publicly ( company policy ). I can share it via a PM though.
I’m trying to reproduce this in order to see if there’s a way to troubleshoot it. If you’re still experiencing this issue, could you please let me know how to best replicate this? I understand you’re on WP 5.3.2, and upgraded from Auth0 WP plugin 3.11.3 to v4.0 and CORS started to popup in the console. There’s also WooCommerce plugin installed, and you’re using embedded login. Any additional details and specifics would be greatly appreciated.
Also, if you have specific concerns with migrating to new Universal Login experience, I’d be happy to address them!
