Auth0 Home Blog Docs

webAuth.passwordlessVerify always fail to verify user



I am using sms passwordless to log in, and I can receive the sms code successfully.
In addition, I have added my domain to both ‘Allowed Origins (CORS)’ and Allowed Web Origins’.

However, when I call the method webAuth.passwordlessVerify, I will receive the error message below

“Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://my-domain’ is therefore not allowed access.”

I am current using auth0 js (version 9.2.0), which is the latest version
Does any one can help on this ?


Install CORS extension of chrome and enable it. Now test it in chrome browser, it will work.


I’m also with this issue. Even using a custom doman name. Both URL’s in the same root domain.


:wave: @vantechstudio were you able to solve your issue? For others seeing this, we should be able to use webAuth.passwordlessLogin instead of webAuth.passwordlessVerify and that should fix this issue moving forward.


seeing this as well after testing not using the legacy thing - so I take it that I can just use webAuth.passwordlessLogin instead with no changes, and it should work, right?


yep - I was using passwordlessVerify - changed that to use passwordlessLogin instead, and made sure “Allowed Web Origins” had my domain in there, and it seemed to work ok.