2

I am trying to get the current session Object from Okta using the sessions/me endpoint called from Javascript (Redux action), but I get a not found response, even when I have an active session.

It's not CORS related, I enabled CORS for my domain.

The best I can tell is a cookie related issue. When I call sessions/me from the browser directly, I see the browser attaching multiple cookies to my request. When I call from javascript, there are no cookies attached to the request.

Is there a way, from Javascript to have access to the cookie needed for sessions/me to succeed?

sonia
  • 21
  • 1
  • 2

2 Answers2

0

I'm guessing this is a 3rd party cookie issue:

https://blog.zok.pw/web/2015/10/21/3rd-party-cookies-in-practice/

For example, in Safari privacy settings, I am able to repro the 404 on sessions/me if I set "Cookies and website data" to "Allow from current website only". If I set it to "Allow from websites I visit", I no longer get the 404 and /sessions/me works as expected.

remanc
  • 205
  • 2
  • 10
0

Which browser are you using? Please see the following page to learn more about CORS and browsers supported: http://developer.okta.com/docs/api/getting_started/enabling_cors.html#browser-support