I had hosted a webapp on S3 and we used the S3 Hosting link to access the webapp. We have a Login option on the App that calls the Okta sign in link from within. Everything was working fine on the S3 link and I had enabled the Okta link on the S3 CORS as allowed origin. I recently added the S3 Origin to Cloudfront, now, I'm not able to procees with the Login as the Okta link is being blocked by CORS Policies.
Details :
- The entire site is working normally as expected.
- The CORS issue only comes up on the Cloudfront link. No CORS errors come up when using the S3 static link. ( as the S3 CORS have been added to allow Okta links )
- Error that comes up : Cross origin resource sharing error: PreflightMissingAllowOriginHeader.
Access to fetch at 'https://{my_okta_org}.okta.com/api/v1/authn' from origin 'https://{cloudfront_release}.cloudfront.net' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
Questions:
- What Config changes do I have to add on Cloudfront to allow the allowed CORS on S3?
Reference:
Other Details :
- CORS allowed in S3:
{
"AllowedHeaders": [
"*"
],
"AllowedMethods": [
"GET",
"PUT",
"POST",
"DELETE",
"HEAD"
],
"AllowedOrigins": [
"https://{my_okta_url}.okta.com"
],
"ExposeHeaders": []
},
- Cloudfront Details :