Quick question, I’ve created a post request hook in the management dashboard, and it appears to be working as I expect it to.
Unfortunately my server is denying the request due to it’s Cross Origin policy.
I can’t for the life of me find in the dashboard or anywhere on the internet where these hooks should be originating from, so I can’t update my server’s CORS policy.
Although the server side (API) plays a role in CORS in terms of choosing to set or not set the relevant CORS headers the actual enforcement is done on the client side (user-agent). In other words, it’s unexpected for a server to be denying a request due to CORS (Fetch Standard).
The hooks request originate a server-side service within the Auth0 infra-structure and the client component making these requests will not perform any decision based on CORS headers returned by the server.
You should clarify your exact situation because what you describe is unexpected; is the server denying the request because they lack certain HTTP headers, is that it?
As this topic is related to Rules - Hooks - Actions and Rules & Hooks are being deprecated soon I’m excited to let you know about our next Ask me Anything session in the Forum on Thursday, January 18 with the Rules, Hooks and Actions team on Rules & Hooks and why Actions matter! Submit your questions in the thread above and our esteemed product experts will provide written answers on January 18. Find out more about Rules & Hooks and why Actions matter! Can’t wait to see you there!