User16477781183898840210 (Customer) asked a question.
Trying to connect AWS ALB to OKTA
We get
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://dev-123456.okta.com/oauth2/default/v1/authorize?client_id=XYZ&redirect_uri=https%3A%2F%2XYZ%2Foauth2%2Fidpresponse&response_type=code&scope=openid%20profile%20email%20offline_access&state=XYZ. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200
We defined OKTA as our OIDC-compliant IdP as shown in this article:
Our JS code is making a request to the ALB. This trigger the JS to make another request to /authorize
We've set https://XYZ as a trusted origin when creating the Application
We've set https://XYZ as a trusted origin in the Globally trusted origins
If we can discover the origin we can add it to the trusted origins.
Is there a way to find out the origin that is being sent to OKTA?
Thank you
Hi @User16477781183898840210 (Customer) , Thank you for reaching out to the Okta Community!
Here are some older posts reporting similar issues, perhaps they contain useful information:
https://github.com/okta/okta-auth-js/issues/605
https://devforum.okta.com/t/cors-header-access-control-allow-origin-missing-although-cors-is-enabled/5900
That being said, my advice would be to reach out to the dedicated Developer Forum devforum.okta.com to take advantage of their expertise.
While we'll do our best to answer all of your questions here, this medium is more inclined towards Okta core products and features.
If my answers helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--------------------------------
Community members help others by clicking Like or Select as Best on responses. Try it today.