https://www.ory.sh/ logo
Join Slack
Powered by
<@U04UQ68083H> Hi, I’m starting using Ory Network ...
# ory-copilot
a
@chilly-king-10285 Hi, I’m starting using Ory Network for an app I’m working on. App is currently in heavy development right now. I’ve been able to get OIDC with Google social login working, but then I’m stuck on the ORY session page instead of going back to my app page. I need to get through some issues that seem to be stemming from the tunneling proxy for local development. Likely a simple issue on my end. My setup is similar to the React App integration sample:
Copy code
# In browser
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at <http://localhost:4000/sessions/whoami>. (Reason: CORS request did not succeed). Status code: (null).
Copy code
# In my console
➜  junta-interfaz git:(main) ✗ npx @ory/cli tunnel --dev <http://localhost:3000> --port 4000 --allowed-cors-origins "*" --debug
A browser should have opened for you to complete your login to Ory Network.
If no browser opened, visit the below page to continue:

                <https://project.console.ory.sh/oauth2/auth?audience=https%3A%2F%2Fapi.console.ory.sh&client_id=ory-cli&code_challenge=tl9t-5S9BvTjYNctOUSiGpDm9h6QAo99ec55wqF7Q7E&code_challenge_method=S256&prompt=login+consent&redirect_uri=http%3A%2F%2F127.0.0.1%3A63683%2Fcallback&response_type=code&scope=offline_access+email+profile&state=nTIT60NzhLKVS4DLnblxsz1MKRqb3Otv>
Copy code
# In another console
➜  junta-interfaz git:(main) ✗ npm run dev

> junta-interfaz@0.1.0 dev
> next dev

  ▲ Next.js 14.2.15
  - Local:        <http://localhost:3000>
  - Environments: .env

 ✓ Starting...
 ✓ Ready in 1096ms
b
A message from kapa.ai
It seems like you're encountering Cross-Origin Resource Sharing (CORS) errors. This is likely due to the fact that your application and the Ory APIs are not on the same domain. The Ory security model uses HTTP cookies to manage sessions, tokens, and cookies, and for this to work, the Ory APIs must be exposed on the same domain as your application[^1^][^2^]. When developing locally, you should use either 
localhost
or 
127.0.0.1
, but not both[^1^][^2^]. Using both interchangeably in your code can cause problems with the origin of HTTP cookies sent by the application[^1^][^2^]. To get your application that runs locally and Ory APIs on the same domain, you can use Ory Tunnel, a development tool bundled with Ory CLI[^1^][^2^]. You can start the Ory Tunnel with the following command:
Copy code
bash npx @ory/cli tunnel --dev <http://localhost:3000>
After running this command, Ory APIs will be mirrored on `http://localhost:4000`[^1^][^2^]. You should use this URL as the 
baseUrl
for the 
@ory/client
SDK[^1^][^2^]. The 
--dev
flag disables security checks for easier integration and should not be used when deploying the Tunnel to a staging environment[^1^][^2^]. If you're still encountering CORS errors after following these steps, you can use the 
--allowed-cors-origins
flag with the Ory Tunnel command to specify a list of allowed CORS origins[^8^]. However, Ory Network doesn't allow setting the CORS origins to be 
*
, 
null
or `localhost/127.0.0.1`[^6^]. For local development with 
localhost/127.0.0.1
, it's recommended to use Ory Tunnel[^6^]. [^1^]: (source: https://www.ory.sh/docs/getting-started/integrate-auth/react#run-ory-apis-on-localhost) [^2^]: (source: https://www.ory.sh/docs/getting-started/local-development#local-development) [^6^]: (source: https://www.ory.sh/docs/guides/cors) [^8^]: (source: https://www.ory.sh/docs/cli/ory-tunnel#options)
a
@chilly-king-10285 As shown in my initial prompt, I am starting the tunnel via the npx @ory/cli tunnel command
b
A message from kapa.ai
I see that you're already using the Ory Tunnel for local development, which is the recommended way to avoid CORS issues[^1^][^2^][^6^]. However, the error message you're seeing suggests that there might be an issue with the way the tunnel is set up. Here are a few things you could check: 1. Ensure the Ory Tunnel is running on the correct port: The Ory Tunnel should be running on port 4000[^1^][^2^]. You can specify this port when starting the tunnel with the 
--port
flag[^8^]. However, the 
--port
flag is not mentioned in the official Ory documentation, so it's possible that it might not be supported. If specifying the port doesn't work, you could try running the tunnel without the 
--port
flag, as the Ory APIs should be automatically mirrored on `http://localhost:4000`[^1^][^2^]. 2. Check the 
baseUrl
in your application: The 
baseUrl
for the 
@ory/client
SDK in your application should be set to 
<http://localhost:4000>
, which is where the Ory APIs are mirrored[^1^][^2^]. 3. Ensure the 
--dev
flag is used for local development: The 
--dev
flag disables security checks for easier integration and should be used when developing locally[^1^][^2^]. However, it should not be used when deploying the Tunnel to a staging environment[^1^][^2^]. 4. Check the allowed CORS origins: If you're still encountering CORS errors, you can use the 
--allowed-cors-origins
flag with the Ory Tunnel command to specify a list of allowed CORS origins[^8^]. However, Ory Network doesn't allow setting the CORS origins to be 
*
, 
null
or `localhost/127.0.0.1`[^6^]. If you've checked all of these things and you're still encountering issues, it might be helpful to look at the debug output from the Ory Tunnel. You can enable debug output by using the 
--debug
flag when starting the tunnel[^8^]. [^1^]: (source: https://www.ory.sh/docs/getting-started/integrate-auth/react#run-ory-apis-on-localhost) [^2^]: (source: https://www.ory.sh/docs/getting-started/local-development#local-development) [^6^]: (source: https://www.ory.sh/docs/guides/cors) [^8^]: (source: https://www.ory.sh/docs/cli/ory-tunnel#options)
5 Views
Open in Slack
PreviousNext
Powered by