Javascript call to Jira API using OAuth 2.0

Attempting to make a Javascript call to the Authorize method for the Jira API but I keep getting CORs errors:

taskpane.html:1

   Access to fetch at 'https://auth.atlassian.com/authorize?audience=api.atlassian.com&client_id=<my client id>&scope=offline_access%20read:jira-work%20manage:jira-configuration&redirect_uri=https://servicechannel.com&state=12345678999&response_type=code&prompt=consent' from origin 'https://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

It was my understanding that using OAuth that CORS was resolved?

Any help is appreciated,

Jason Gauntz

@JasonGauntz welcome to the Atlassian developer community.

I think you might have misunderstood something in the OAuth 2.0 authorization code flow. The authorize URL you are trying to fetch is not an API in that way. Your code needs to redirect to that page for the user to authorize, then accept the redirection back to your site. To my knowledge the authorization code flow is not possible using front-end code only because the flow is stateful with regard to a user session.

Hi,
I am redirecting the user to get the code.
But the documentation says that I need to call a REST API to get the token by using the code.l
So, how can I call the auth API to get the token from my webapp?