Access-Control-Allow-Origin Error


Im trying to make a HTTP Request from my localmachine but getting this error.

Access to XMLHttpRequest at 'http://server_ip/rest/workflows' from origin 'http://localhost:50791' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I have passed the basic auth credentials in the header. Here is my request details.

headers: {
        "content-type": "application/json; charset=utf-8",
        "Authorization": basicAuth,
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Credentials": true, 

Here basicAuth = "Basic [Base64Enocde of Username:Password]"

Is there something that needs to be passed in the header that’s missing?

You are saying that you add those headers to the request? Because that would not work. The header “Access-Control-Allow-Origin” has to be returned by the endpoint you are calling.

Yeah got it thanks