Dg-Auth header is not allowed by Access-Control-Allow-Headers

Need to sign requests with Dg-Auth to make requests, but requests fail when querying local Docker Compose cluster. Dgraph Cloud works.

Access to fetch at 'http://localhost:8080/graphql' from origin 'http://localhost:3000' has been blocked by CORS policy: Request header field dg-auth is not allowed by Access-Control-Allow-Headers in preflight response.

Working around with:

if (PRODUCTION) {
  authHeaders['Dg-Auth'] = SLASH_CLIENT_KEY;
}

Should we make this available on local instances @pawan

I personally think it would be better to just leave it broken so that users have an awful experience and every request fails when developing locally.

Yeah, I think we should. API key-based Auth won’t work because it’s a cloud feature but at least the queries would work.

1 Like