My Oracle Support Banner

API REST /osn/social/api/v1/connections Request Blocked By CORS (Doc ID 2609867.1)

Last updated on NOVEMBER 03, 2022

Applies to:

Content and Experience Cloud Service - Version 18.4.1 and later
Content and Experience Cloud Classic - Version 18.4.1 and later
Content and Experience Cloud - Version 18.4.1 and later
Information in this document applies to any platform.


OPTIONS Preflight Request for /osn/social/api/v1/connections Does Not Return Access-Control-Allow-Methods Header

When making XHR Requests, browsers implementing CORS policy will send a preflight OPTIONS request to determine whether this request can be made.

When performing an XHR POST request for /osn/social/api/v1/connections:

The preflight OPTIONS request is triggered. However, there is no Access-Control-Allow-Methods Header returned for this OPTIONS request, which results in the browser preventing the POST request from being executed by the browser.

Steps confirming behavior:

1) Using PostMan:

  - URL: https://<OCE instance>/osn/social/api/v1/connections
  - Method: OPTIONS
  - Authorization: type: Bearer Token {token value obtained using /documents/web?IdcService=GET_OAUTH_TOKEN per
  Origin: {enter one of the values from "Front Channel CORS Origins" field in https://<OCE instance>/documents/administration/security}

Observed behavior:
- A 200 Response was received, the body of the request is blank and the Access-Control-Allow-Methods header is NOT returned.




To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.