Hello I am facing a CORS issue trying to test SuperTokens Fa

Question

Hello I am facing a CORS issue trying to test SuperTokens FastAPI React js I have followed all of Super Tokens guides

nkshah2 · Answer

Hi < Joe P> Can you post the error you receive here

Joe P · Answer

Access to fetch at BASE URL get blog id=636a190f781b4baabeddb51d from origin http localhost 3000 has been blocked by CORS policy No Access Control Allow Origin header is present on the requested resource If an opaque response serves your needs set the request s mode to no cors to fetch the resource with CORS disabled

nkshah2 · Answer

Can you post the code for where you add the Cors middleware

Joe P · Answer

FAST API Middleware app add middleware CORSMiddleware allow origins= http localhost 3000 allow credentials=True allow methods= allow headers= content type + get all cors headers init app info=InputAppInfo app name= Portal api domain= BASE URL website domain= http localhost 3000 api base path= website base path= auth

Joe P · Answer

from starlette middleware cors import CORSMiddleware from fastapi middleware cors import CORSMiddleware I have tried these both

nkshah2 · Answer

< KShivendu> Can help here

Joe P · Answer

Okay thank you

KShivendu · Answer

Check out https github com supertokens supertokens python blob master examples with fastapi with thirdpartyemailpassword main py

KShivendu · Answer

Also are you getting any error in the browser

KShivendu · Answer

check DevTools console

KShivendu · Answer

okay got it

KShivendu · Answer

where have you deployed the supertokens python sdk directly on aws lambda or somewhere else

Joe P · Answer

Managed instance

Joe P · Answer

via SuperTokens

KShivendu · Answer

and where is the fastapi server

Joe P · Answer

Heroku

KShivendu · Answer

can you try `allow origins= ` and share the error message

rp · Answer

won t work < KShivendu>

rp · Answer

what is the response headers from OPTIONS API

rp · Answer

and also from the actual API response if that happens

KShivendu · Answer

I know But it should give a different error which will ensure that issue isn t because of Heroku

rp · Answer

the error says the header is misisng in the response

rp · Answer

So we need to see what the response header is first

rp · Answer

and if it s missing in OPTIONS API or the actual API call

KShivendu · Answer

valid point

Joe P · Answer

from origin http localhost 3000 has been blocked by CORS policy Response to preflight request doesn t pass access control check No Access Control Allow Origin header is present on the requested resource If an opaque response serves your needs set the request s mode to no cors to fetch the resource with CORS disabled

Joe P · Answer

after i changed to wildcard in origins on fastapi

rp · Answer

yea the wildcard wpon t work either

Joe P · Answer

Preflight option is working seems like

rp · Answer

Seems like the actual response headers doesn t have the header

rp · Answer

which is an issue with either how you are using the CORS middleware

rp · Answer

or how you have implemented the API

Joe P · Answer

I tried axios and fetch each with their their custom headers

Joe P · Answer

If i do supertoken init at app js it should override any outbound requests right

Joe P · Answer

for the headers

KShivendu · Answer

Yes it overrides them

KShivendu · Answer

Wait let me try to replicate your setup

rp · Answer

the allow origin header is supposed to be set by the CORS middleware

rp · Answer

thats not hapening so see if you are using the CORS middleware correctly or not

KShivendu · Answer

< Joe P> Please share your full code Alter the credentials code wherever required