Session timeout using spring boot webapp

Hi Auth0 community

I’ve followed this spring boot quickstart and my webapp is now working with my Auth0 tenant using universal login.

I want to apply a session timeout of 15 minutes and force idle users to log in again.

I used to spring session timeout property to adjust the application timeout, and I see that an /authorize request is sent to my custom-domain auth0 tenant. But I get CORS error

Access to XMLHttpRequest at 'https://.../authorize?....' (redirected from 'http://localhost:8080/...) from origin 'http://localhost:8080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

As I read here and here, this error is given since the authorize endpoint is not called properly since it is called directly from spring.

What are the available solutions for such deployment?