Mikael Hedlund

Hi Greg,

Finally got it working by disabling cors to obtain the token and then activating cors for the "data call" itself.

Thanks for your quick response and commitment :-)

/Mikael

Hi,

Don't know if this is the right thread but i'm having trouble using cors from a ticket side bar application.

The application itself doesn't call any ticket api's instead i only want to do an external api call from a "browser context" instead of the Zendesk server origin.

So when not using cors (cors=false), the api call works fine except that the origin is from a Zendesk server that can have a lot of different ip's making it hard to allow for firewall blocking.

Instead i want it to be "browser initiated" api call with a known browser ip managed by the firewall but i can't make it work :-(

I receive the following error when cors is enabled (true):

Access to XMLHttpRequest at 'https://********.lindex.com/token' from origin  https://lindex********.zendesk.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.