1

I'm using Reactjs and I'm trying to do a POST request with Axios to send a SMS with Nexmo. I can receive the SMS but I have this error on the console No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. Here's my code :

axios({
  method : 'post',
  url : 'https://rest.nexmo.com/sms/json',
  params:{
    api_key:'xxxxxxxxx',
    api_secret:'xxxxxxxxx',
    to:phoneNumber,
    from:'NEXMO',
    text:"New message"
  },
  headers:{
      'Content-Type': 'application/x-www-form-urlencoded'
  }
})
.then(function (response) {
  console.log(response);
})
.catch(function (error) {
  console.log(error);
});

How can I fix this issue ? Thx

Zoomzoom
  • 189
  • 3
  • 13
  • Possible duplicate of ["No 'Access-Control-Allow-Origin' header is present on the requested resource"](http://stackoverflow.com/questions/20035101/no-access-control-allow-origin-header-is-present-on-the-requested-resource) – Michael Peyper Apr 03 '17 at 20:44
  • @Zoomzoom I am facing the same situation - how did you solve this? – whodeee Jan 24 '18 at 14:45

1 Answers1

1

The Nexmo SMS API should only be interacted with from a trusted and secure client. With the API key and secret credentials you have significant access to your Nexmo account so you should not expose those credentials to "users" of an application. That normally means you should only use the key and secret credentials with the API from a server.

The Nexmo Voice API does offer JWT auth support that would be better suited to client-side API interactions since you can create very short-lived tokens and control what resources and functionality the token allows. But the SMS API only offers key and secret auth.

leggetter
  • 15,248
  • 1
  • 55
  • 61
  • I am trying to implement this same thing. Can you direct me on how to go about using JWT for this? – whodeee Jan 24 '18 at 14:46