Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

CORS error on Runtime API endpoint


Level 2

I'm setting up an API through OpenWhisk with multiple endpoints:

/privacy/jobs/create POST
/privacy/jobs/{jobID} GET
/privacy/jobs/files/{jobID} GET
/privacy/events/  GET and POST

for my POST /jobs/create endpoint, I am getting CORS errors: 

Access to XMLHttpRequest at '****/privacy/jobs/create' from origin '' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I can access the endpoint with Postman just fine. To test if it was just a nested endpoint issue, I created a GET /jobs/create endpoint (same endpoint, different method), and am receiving 0 errors accessing directly from the browser. The only difference is that my POST /jobs/create endpoint points to a zip action. My GET /jobs/create does not.

Is there something I'm missing in my zip action? 

I've added access-control headers to my return: 


return {
  headers: { 
  statusCode: 200,
  body: {
    jobIds: privacy_jobIds

What am I doing wrong here? I can access every other endpoint on the /privacy API just fine.

1 Reply