Xero - beautiful accounting software

Xero Developer Help Center

Xero Developer Community

Community > API Authentication >

[...] has been blocked by CORS policy: Response to preflight request doesn't pass access control

Started by Nick John -   in API Authentication

I'm having issues getting the token(production env) and getting the tenants (dev env) both errors have this message.

Access to XMLHttpRequest at 'https://identity.xero.com/connect/token' from origin 'https://..sa.app' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

I have tried everything my end, but surely the Access-Control-Allow-Origin needs to happen at the xero end? am I missing something?