OAuthError: User is not assigned to the client application.

[drldavis]

I followed the README instructions for the vue-sample exactly but I'm getting this error whenever I hit the login button.

My environment variables: ISSUER=dev-98975133.okta.com/oauth2/default CLIENT_ID=0oao9k9jr1vQz655d6

Not sure what this error is telling me.

[mraible]

You need to assign your user or the Everyone group to your app.

On May 1, 2021, at 19:25, drldavis @.***> wrote:

 I followed the README instructions exactly but I'm getting this error.

My environment variables: ISSUER=dev-98975133.okta.com/oauth2/default CLIENT_ID=0oao9k9jr1vQz655d6

Not sure what this error is telling me.

— You are receiving this because you are subscribed to this thread. Reply to this email directly, view it on GitHub, or unsubscribe.

[drldavis]

Oh that makes sense. I didn’t see this step in the README or the getting started docs. Did I just miss something?

[mraible]

No, you didn't miss anything. It used to happen by default, that's why it's not documented. We're restoring the defaults soon.

[drldavis]

Is there another missing step to get logout to work? Clicking logout gives me a CORS error. Access to XMLHttpRequest has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I'm confused why logging in doesn't throw a cors error but logging out does?

[mraible]

Yes, you have to add your app's address as a trusted origin in Security > API > Trusted Origins.

[drldavis]

Oh okay thanks. Why would logout require CORS but login not?

[mraible]

Because login does a redirect while logout does an XHR request.

On May 2, 2021, at 21:19, drldavis @.***> wrote:

 Oh okay thanks. Why would logout require CORS but login not?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or unsubscribe.