Getting "No 'Access-Control-Allow-Origin' header" error when 302 redirecting user to Jira Login page

I'm setting up OAuth 2.0 Authorization Code flow (aka 3LO) auth for an application I have based on the instructions provided here.  Our app is setup in such a way that we are sending users to the Jira authorization URL (step 1 in the instructions) via a 302 redirect after they have posted some other data back to our server.  Unfortunately when the browser attempts to follow the 302 redirect we are getting the following error:

Access to XMLHttpRequest at 'https://auth.atlassian.com/authorize?audience=api.atlassian.com&client_id=CDR3l3OMYU45aoDrxUhQW0Ev0rSW2nQo&prompt=consent&redirect_uri=http%3A%2F%2Flc.main.mysite.com%2Fauth%2Foauth-redirect%2Fv1&response_type=code&scope=write%3Ajira-work&state=gCzLerRUt1QM4tl4LzqX1l12SFQT8Pst9PjGriaNqNv' (redirected from 'https://lc.main.mysite.com/api/app-configuration') from origin 'https://lc.main.mysite.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

What would cause this error? Does this mean that Jira is not providing the correct Access-Control-Allow-Origin header that would allow for my site to redirect to there?  I tried adding the following headers to my 302 redirect:

Access-Control-Allow-Origin: auth.atlassian.com
Access-Control-Request-Methods: *

but i'm still getting the same error.  I've updated the redirect_uri above so it's not what is actually in the error message, but if I take the link from above that uses the REAL redirect_ufri and drop it into my browser it takes me to Jira to log in and then forwards me to the redirect URI as expected.

Can anyone tell me why this might be happening or how I might fix it?