POST /continue causes MissingAllowOriginHeader

We use a Login / Post Login action for our auth. As part of this, we redirect to the Auth0 /continue endpoint with appropriate state and session_token params set. Here are the associated docs. This works as expected.

We’d like to be able to make either a CORS GET or POST request to /continue rather than redirecting the window location to it. The docs suggest this should work without issue. I’ve set Allowed Web Origins and Allowed Origins (CORS) settings to http://localhost:3000 as expected. However, I get a MissingAllowOriginHeader error from the request. The response headers include server: cloudflare, so it seems like a configuration issue there perhaps? In other similar threads this was resolved by clearing some cloudflare cache. Can anyone at Auth0 help me out with this?

Hi rgifford.

I’m having the same issue. Did you find a way to fix it?


Could it be this is the answer to this issue? It seems that the /continue endpoint doesn’t support AJAX calls.

Is there an official documentation on the /continue endpoint with these limitations? I haven’t been able to find one.