Hi everyone,
Currently we are using a custom domain to integrate with our react application. The method getAccessTokenSilently() added some unwanted headers and make a call to /oauth/token.
I messaged the auth0 support and they responded to me this one.
**It looks like the CORS error in your screenshot is showing the message "request header field x-datadog-origin is not allowed by access-control-allow-headers" on a request to the /oauth/token endpoint.
Unfortunately, /oauth/token endpoint does not accept any other headers apart from the ones listed below:
It's not possible to allow/add other headers currently**
I tried to disable our datadog implementation and it works properly. It seems like datadog automatically include some headers and the SDK made the call with them.
Describe the ideal solution
I think it's better to send only the necessary headers to /oauth/token
Checklist
Describe the problem you'd like to have solved
Hi everyone, Currently we are using a custom domain to integrate with our react application. The method getAccessTokenSilently() added some unwanted headers and make a call to /oauth/token. I messaged the auth0 support and they responded to me this one. **It looks like the CORS error in your screenshot is showing the message "request header field x-datadog-origin is not allowed by access-control-allow-headers" on a request to the /oauth/token endpoint.
Unfortunately, /oauth/token endpoint does not accept any other headers apart from the ones listed below:
Origin, Content-Type, Accept, X-Requested-With, Authorization, Auth0-Client, X-Request-Language
It's not possible to allow/add other headers currently**
I tried to disable our datadog implementation and it works properly. It seems like datadog automatically include some headers and the SDK made the call with them.
Describe the ideal solution
I think it's better to send only the necessary headers to /oauth/token
Alternatives and current workarounds
No response
Additional context
No response