CORS Error on Kong Dev Portal when Open Id Connect Auth Enabled

Hi Team,

We are seeing below error for a kong dev portal when Open Id Connect Authentication is enabled. Can someone help us in setting right props ?

Access to XMLHttpRequest at ‘*****’ (redirected from ‘https:// -portal-api. / /session’) from origin 'https:// -portal.*’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Tried setting following properties, didn’t help either.

NGINX_PROXY_SET_HEADER: Access-Control-Allow-Origin https:// -portal. .com
NGINX_PROXY_SET_HEADER: Origin https:// -portal. .com
portal_cors_origins: *
portal_cors_origins: https:// -portal. .com


We have the same issue with the exact same version. I’d like to a hear a solution for this. Also I’ve noticed the same issue for manager. Although it doesn’t seem to appear always. With manager OIDC is working though.

I’ve checked in IDP, and there is a session created after I’ve clicked on “Login” button. But the app seems to think I am not logged in.

We are using RedHat SSO as IDP.

And the configuration for claims looks like this:
{ …
“consumer_by”: [
“consumer_claim”: [


We’d like to hear a solution for this.