API REST /osn/social/api/v1/connections Request Blocked By CORS
(Doc ID 2609867.1)
Last updated on NOVEMBER 03, 2022
Applies to:
Content and Experience Cloud Service - Version 18.4.1 and laterContent and Experience Cloud Classic - Version 18.4.1 and later
Content and Experience Cloud - Version 18.4.1 and later
Information in this document applies to any platform.
Symptoms
OPTIONS Preflight Request for /osn/social/api/v1/connections Does Not Return Access-Control-Allow-Methods Header
Description:
When making XHR Requests, browsers implementing CORS policy will send a preflight OPTIONS request to determine whether this request can be made.
When performing an XHR POST request for /osn/social/api/v1/connections:
- https://docs.oracle.com/en/cloud/paas/content-cloud/rest-api-conversations/op-connections-post.html
The preflight OPTIONS request is triggered. However, there is no Access-Control-Allow-Methods Header returned for this OPTIONS request, which results in the browser preventing the POST request from being executed by the browser.
Steps confirming behavior:
1) Using PostMan:
Request:
- URL: https://<OCE instance>/osn/social/api/v1/connections
- Method: OPTIONS
- Authorization: type: Bearer Token {token value obtained using /documents/web?IdcService=GET_OAUTH_TOKEN per https://docs.oracle.com/en/cloud/paas/content-cloud/rest-api-conversations/Authentication.html)
Headers:
Origin: {enter one of the values from "Front Channel CORS Origins" field in https://<OCE instance>/documents/administration/security}
Observed behavior:
- A 200 Response was received, the body of the request is blank and the Access-Control-Allow-Methods header is NOT returned.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |