-2

I created a axios get request in javascript to my apigateway url.

const headers = { Authorization: 'Bearer ' + user.value, 'Accept': 'application/json' };

const response = await axios.get('MYAPI', { headers });

console.log(response);

It gives a 401 Unauthorized.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://MYAPI.amazonaws.com/.... (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 401.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://MYAPI.amazonaws.com/..... (Reason: CORS request did not succeed). Status code: (null).

But when I access this endpoint via Postman it gives the success result. In postman I enter the access token. The user.value variable contains my access token. I know for sure the token is filled because I see it in my Authorization request header.

How can I get the same result as in postman? What am I doing wrong here?

Joris Schellekens
  • 8,483
  • 2
  • 23
  • 54
rickmix
  • 1
  • 2
  • CORs, is a browser feature, postman as an app won't have this restriction. The only solution for web is to allow valid domains using the correct CORs headers on server side, or use a proxy. – Keith Jun 23 '23 at 08:08
  • Currently i added /*/ to Access-Control-Allow-Origin Apigateway endpoint. – rickmix Jun 23 '23 at 08:16

1 Answers1

0

You cannot access any amazon API endpoints from the client side due to the simple fact that you are not supposed to, you do not share the same domain.

Best option is for you to build your own custom API service which you will have full control over what headers are sent, from the API you can make requests and access your Amazon API gateway, you can now pass the response from the Amazon API as to your custom API response and use that on your client side.

3m1n3nc3
  • 353
  • 7
  • 21