I am using API gateway with cognito for Authorize a POST method endpoint. if I am running it through Postman (JSON) it works great. BUT when I am running through a react app in CHROME I get Access to XMLHttpRequest at 'https://wjkgn56pb8.execute-api.us-east-1.amazonaws.com/test' from origin 'http://localhost:3000' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Details over my API gateway API
POST request with cognito authorizaer with expect a Authorization header
The post request has lambda proxy that return the following header:
"headers": 'Access-Control-Allow-Credentials':'true', 'Access-Control-Allow-Headers': 'Content-Type,X-Amz-Date,X-Amz-Security-Token,Authorization,X-Api-Key,X-Requested-With,Accept', 'Access-Control-Allow-Methods':'DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT', 'Access-Control-Allow-Origin':'', 'X-Requested-With':''
OPTIONS method wihtout cognito authorizer
I enable CORS on the endpoint.
result:
without cognito on the POST it works -> i get content into my react app
the moment I add cognito authIi get CORS error
the part of react code I am running for this is:
async function testClick() { try { const data = { clientId: user.userId, }; const config = { headers: { Authorization: user.token, }, }; const res = await axios.post( "https://wjkgn56pb8.execute-api.us-east-1.amazonaws.com/test", data, config ); const messageData = res.data; console.log(messageData); } catch (err) { console.error(err); } }
I don't have any idea.