AnsweredAssumed Answered

CORS Headers Issue with Auth HCI APIs

Question asked by VSRIVASTAVA Employee on Jun 27, 2017
Latest reply on Jul 3, 2017 by VSRIVASTAVA

I am facing issues with CORS Headers Issues when calling Auth HCI APIs

 

I need to deploy HornetPOC application on server(170) and access Auth HCI APIs, When trying to access Auth APIs getting error as below:

 

"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://216.84.238.170:8888/auth/oauth/. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing)"

 

Auth API URL: https://216.84.238.170:8888/auth/oauth/

 

Below is the response header when raising auth request:

Cache-Control: max-age=0

Content-Length: 874

Content-Type: application/json;charset=UTF-8

Date: Tue, 27 Jun 2017 14:07:08 GMT

Expires: Tue, 27 Jun 2017 14:07:08 GMT

Server: HCI

Set-Cookie: JwtCookie=Cookie_String

 

During development, I added SimpleHTTPServer and routed my requests and edited missing headers.

Development Service Access Architecture.PNG

 

I am not sure if I need to setup exactly same architecture on server also to have access to Auth APIs.

 

I have a alternate solution to deploy HornetPOC application inside HCI application folder, so that I will have same URL as we have auth API URL. In this way, CORS issue will not arise. After deploying HornetPOC application inside HCI API application folder, I will have URL something like below:

https://216.84.238.170:8888/hornetweb/

 

now hornetPOC application URL is as below:

Hornetpoc

 

Any idea how to get access to Auth APIs without having or bypassing CORS headers.

 

Thanks you.

Outcomes