I’ve encounter this error when I tried to make a request on one of the rules I’ve created using AJAX in my client (which is php) error said The ‘Access-Control-Allow-Origin’ header contains multiple values ‘http://localhost:8080, *’, but only one is allowed. Origin ‘http://localhost:8080’ is therefore not allowed access
In my network there’s two Access-Control-Allow-Origin
Log during client request it shows
oathkeeper-proxy_1 | [cors] 2018/10/09 14:26:51 Handler: Preflight request oathkeeper-proxy_1 | [cors] 2018/10/09 14:26:51 Preflight response headers: map[Access-Control-Allow-Credentials:[true] Vary:[Origin Access-Control-Request-Method Access-Control-Request-Headers] Access-Control-Allow-Origin:[http://localhost:8080] Access-Control-Allow-Methods:[POST] Access-Control-Allow-Headers:[Authorization]] oathkeeper-proxy_1 | [cors] 2018/10/09 14:26:51 Handler: Actual request oathkeeper-proxy_1 | [cors] 2018/10/09 14:26:51 Actual response added headers: map[Vary:[Origin] Access-Control-Allow-Origin:[http://localhost:8080] Access-Control-Allow-Credentials:[true]] oathkeeper-proxy_1 | time="2018-10-09T14:26:51Z" level=info msg="started handling request" method=POST remote="192.168.1.209:50802" request=/resource-server/userinfo
But In my nodejs client it works fine.