Ory is the largest open source community in the world for cloud software application security. We maintain advanced open source security software solving authentication, authorization, access control, application network security, and delegation. Ory implements a variety of industry and best-practice standards including OAuth 2.0 / OAuth 2.1, OpenID Connect, Zero Trust Networking, Google Zanzibar Policy Framework, FIDO2 U2F, WebAuthn, TOTP, and more.

Ory Community

I have a home server on which I run a VM running debian where I do all my dev work from. I then ssh into the machine and access any endpoints from my personal computer's browser. (This may play into the issue?)
I have an instance of kratos self hosted as well as a server and frontend all running on the same domain, but using different ports.
Every time I try to make any sort of request to the kratos server instance from my frontend app, I am met with a CORS error. However, if I make a direct request using the search bar, there are no issues.
Here is the current error:
"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://(ipaddress of server):4455/sessions/whoami (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 404."
The request is coming from http://(ipaddress of server):5173 where the frontend react app lives,
I've tried adding the react address to the kraken.yml config file under "allowed_origins", but nothing... I'm lost and in need of a bit of direction, if anyone is willing to spend the time?