Create
cancel
Showing results for 
Search instead for 
Did you mean: 
Sign up Log in
Celebration

Earn badges and make progress

You're on your way to the next level! Join the Kudos program to earn points and save your progress.

Deleted user Avatar
Deleted user

Level 1: Seed

25 / 150 points

Next: Root

Avatar

1 badge earned

Collect

Participate in fun challenges

Challenges come and go, but your rewards stay with you. Do more to earn more!

Challenges
Coins

Gift kudos to your peers

What goes around comes around! Share the love by gifting kudos to your peers.

Recognition
Ribbon

Rise up in the ranks

Keep earning points to reach the top of the leaderboard. It resets every quarter so you always have a chance!

Leaderboard

Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
4,455,467
Community Members
 
Community Events
175
Community Groups

Getting "No 'Access-Control-Allow-Origin' header" error when 302 redirecting user to Jira Login page

I'm setting up OAuth 2.0 Authorization Code flow (aka 3LO) auth for an application I have based on the instructions provided here.  Our app is setup in such a way that we are sending users to the Jira authorization URL (step 1 in the instructions) via a 302 redirect after they have posted some other data back to our server.  Unfortunately when the browser attempts to follow the 302 redirect we are getting the following error:

Access to XMLHttpRequest at 'https://auth.atlassian.com/authorize?audience=api.atlassian.com&client_id=CDR3l3OMYU45aoDrxUhQW0Ev0rSW2nQo&prompt=consent&redirect_uri=http%3A%2F%2Flc.main.mysite.com%2Fauth%2Foauth-redirect%2Fv1&response_type=code&scope=write%3Ajira-work&state=gCzLerRUt1QM4tl4LzqX1l12SFQT8Pst9PjGriaNqNv' (redirected from 'https://lc.main.mysite.com/api/app-configuration') from origin 'https://lc.main.mysite.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

What would cause this error? Does this mean that Jira is not providing the correct Access-Control-Allow-Origin header that would allow for my site to redirect to there?  I tried adding the following headers to my 302 redirect:

Access-Control-Allow-Origin: auth.atlassian.com
Access-Control-Request-Methods: *

but i'm still getting the same error.  I've updated the redirect_uri above so it's not what is actually in the error message, but if I take the link from above that uses the REAL redirect_ufri and drop it into my browser it takes me to Jira to log in and then forwards me to the redirect URI as expected.

Can anyone tell me why this might be happening or how I might fix it?

1 answer

0 votes

Hey Abe,

did you figured out how to solve this issue?

 

Greetings Markus

Suggest an answer

Log in or Sign up to answer