Requests API has CORS


  • Kaela Chandrasekaran

    Can you share your code? Where are you calling the api from?

  • Varnish Software
    export const AXIOS_INSTANCE_PARAMS = {

    baseURL: '',

    timeout: 20000


    const token = 'token'

    const instance = axios.create(AXIOS_INSTANCE_PARAMS)

    export const getIssues = () => {

    return instance.get('requests.json', {

    headers: {

    'Content-Type': 'application/json'


    auth: {

    username: 'email/token',

    password: token



  • Tipene Hughes
    Zendesk Developer Advocacy
    Hi Sudaman,
    Thanks for reaching out!
    As mentioned in the article here about CORS requests, the Create Request endpoint is one of the few exceptions where CORS is implemented so I'm not exactly sure why you'd be seeing that error in your console. Can you try running the example below, or something similar, and let me know how you go?
    const createRequest = async () => {
    const url = "https://{subdomain}";
    const config = {
     method: "POST",
     headers: {
       "Content-Type": "application/json",
     body: JSON.stringify({
       request: {
         requester: { name: "anon" },
         subject: "Test",
         comment: { body: "Test" },
    const response = await fetch(url, config);
    const data = await response.json();
    Feel free to reach out with any questions!
  • Varnish Software

    It's actually the endpoint to get the list of the requests, and update one. Create, upload attachment worked fine. It's bit fuzzy preflight request also returns 200 and GET request too only the allow-origin header is missing. Just to continue the integration, I am using a proxy server. It would be nice to just run without the proxy. It's a usual API request with Authorization and content-type header. Don't really understand why?

  • Varnish Software

    "Zendesk only implements CORS for API requests authenticated with OAuth access tokens. It does not implement CORS for API requests that use basic authentication (email and password) or a Zendesk API token." As of your link it also says it doesn't implement CORS for API token.


Please sign in to leave a comment.

Powered by Zendesk