Netlify Graph CORS policy error

My site is live at https://spotify-graph-test.netlify.app

When I attempt authenticating via Spotify with the automatically generated handler/component, I get an error message as follows:

Invalid redirect domain
https://spotify-graph-test.netlify.app’ is not allowed as a redirect domain for this app.
If you’re the developer, be sure to add ‘https://spotify-graph-test.netlify.app’ to your app’s CORS origins so your users can log into your app.
You can do this on the app’s dashboard

Following the advice of other netlify CORS issues online, I have modified my netlify.toml config file to the following:

[graph]
  codeGenerator = "netlify-builtin:nextjs"

[[headers]]
  for = "/*"
    [headers.values]
    Access-Control-Allow-Origin = "*"

But the error still occurs, what should I do?

Hi @MatthewssSmith1,

Welcome to Netlify Forums!

Could you confirm if you’ve added the CORS origin here?

Also, could you confirm if you’re not using a Custom OAuth Client:

Because if you’re, you might have to setup a custom redirect URL as explained there.

Lastly, you do not need to add the custom header that you’ve added - you can safely remove it.