PraveenG.85106 (Customer) asked a question.
Hi,
We are seeing below CORS error every 1 hour.
We verified that the CORS policy is set correctly in Okta (Security->API->TrustedOrigin) for our client domain.
Access to XMLHttpRequest at 'https://companyname-devciam.oktapreview.com/oauth2/default/v1/authorize?client_id=&redirect_uri=https%3A%2F%2Flocalhost%3A portnumber %2F&response_type=code&scope=openid%20profile%20email&code_challenge= &code_challenge_method=S256&state=OpenIdConnect.AuthenticationProperties &x-client-SKU=ID_NET461&x-client-ver=5.3.0.0' (redirected from 'https://localhost:portnumber/pagename.aspx') from origin 'https://localhost: portnumber has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
We are using Okta.AspNet 3.2.2 in the asp.net 4.7.2 application. Application is owin layer with OktaMvcOptions (loginmode.oktahosted) for redirecting our users to Okta login page for authentication. After successful authentication users redirect back to the application and continue working.
After an hour the user’s screen freezes and user has to click the refresh button on the browser. We are using Chrome Browser Version 120.
We tried cleaning browser cache/cookies and still same issue.
Please suggest any solution or workaround. or let me know if you need more information
Hi @PraveenG.85106 (Customer) , Thank you for reaching out to the Okta Community!
This question is more appropriate for our dedicated Okta Developer Forum.
My advice would be to reach out devforum.okta.com to take advantage of their expertise.
While we'll do our best to answer all of your questions here, this medium is more inclined towards Okta core products and features (non-developer work).
That being said, I’m assuming you already reviewed the troubleshooting article related to this. If you haven’t, you can find it here:
https://support.okta.com/help/s/article/CORS-error-when-accessing-Okta-APIs-from-front-end?language=en_US
While you get in touch with my developer colleagues, please review some of the older posts that might shed some light on what is going on:
https://devforum.okta.com/t/response-to-preflight-request-doesnt-pass-access-control-check-no-access-control-allow-origin-header-is-present-on-the-requested-resource/2870
https://devforum.okta.com/t/cors-error-no-access-control-allow-origin-header-is-present-on-the-requested-resource/11032/7
https://developer.okta.com/blog/2021/08/02/fix-common-problems-cors
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--------------------------------
Ask the Experts: Now Thru 1/31 Okta FastPass Engineering and Product Teams Answer Your Questions
Hi Mihai,
Thanks for your reply and sharing the article links.
I will reach out to developer forum for my question.
with regards,
Praveen Gautam