CORS policy error

  • 8 November 2021
  • 1 reply


I ask the question here before breaking my  head against a wall.

I'm trying to do some simple javascript requests with axios on the looker API.

(the context is that I have a vuejs with @nuxtjs/axios ... which is basically axios ...)

Let me say right away that I don't want to use the Typescript SDK because it would be too heavy for what I have to do.


I am trying to do a request on :

POST / login

endpoint by passing my client_id and my client_secret in the body of the request (and even directly in the url ... here, the result is the same) but the pre-flight request of chrome block my request with the message :

Access to XMLHttpRequest at 'https: // [blablabla] /api/3.1/login?client_id=XXXXX&client_secret=XXXXX' from origin 'https: // localhost: 3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.


I specify that I tried to add an "Access-Control-Allow-Origin" header with a "*" value but that did not change anything


On the other hand, when I make the same request in postman, it works. I get my user credential without problem (but hey... if my users have to do that every time, they don't like it ...)


please help !

This topic has been closed for comments

1 reply

Userlevel 4

Hey @SimonG,


By chance have you seen these docs?


Generally, we would suggest using the Oauth workflow to get around this.