AnsweredAssumed Answered

CORS Headers Issue with Auth HCI APIs

Question asked by VSRIVASTAVA Employee on Jun 27, 2017
Latest reply on Jul 3, 2017 by VSRIVASTAVA

I am facing issues with CORS Headers Issues when calling Auth HCI APIs


I need to deploy HornetPOC application on server(170) and access Auth HCI APIs, When trying to access Auth APIs getting error as below:


"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at (Reason: CORS header ‘Access-Control-Allow-Origin’ missing)"




Below is the response header when raising auth request:

Cache-Control: max-age=0

Content-Length: 874

Content-Type: application/json;charset=UTF-8

Date: Tue, 27 Jun 2017 14:07:08 GMT

Expires: Tue, 27 Jun 2017 14:07:08 GMT

Server: HCI

Set-Cookie: JwtCookie=Cookie_String


During development, I added SimpleHTTPServer and routed my requests and edited missing headers.

Development Service Access Architecture.PNG


I am not sure if I need to setup exactly same architecture on server also to have access to Auth APIs.


I have a alternate solution to deploy HornetPOC application inside HCI application folder, so that I will have same URL as we have auth API URL. In this way, CORS issue will not arise. After deploying HornetPOC application inside HCI API application folder, I will have URL something like below:


now hornetPOC application URL is as below:



Any idea how to get access to Auth APIs without having or bypassing CORS headers.


Thanks you.