Dg-Auth header is not allowed by Access-Control-Allow-Headers

ctjlewis · May 3, 2021, 10:32am

Need to sign requests with Dg-Auth to make requests, but requests fail when querying local Docker Compose cluster. Dgraph Cloud works.

Access to fetch at 'http://localhost:8080/graphql' from origin 'http://localhost:3000' has been blocked by CORS policy: Request header field dg-auth is not allowed by Access-Control-Allow-Headers in preflight response.

Working around with:

if (PRODUCTION) {
  authHeaders['Dg-Auth'] = SLASH_CLIENT_KEY;
}

chewxy · May 4, 2021, 1:18am

Should we make this available on local instances @pawan

ctjlewis · May 5, 2021, 11:49am

I personally think it would be better to just leave it broken so that users have an awful experience and every request fails when developing locally.

pawan · May 6, 2021, 5:02am

Yeah, I think we should. API key-based Auth won’t work because it’s a cloud feature but at least the queries would work.

Topic		Replies	Views
CORS error when using new docker-compose setup GraphQL kind:question , dgraph , cors	3	4831	August 27, 2020
@auth, cors, securing alter operations, and request headers Dgraph kind:question , auth , area:security , ticket:created , cors	6	1512	January 15, 2021
Auth0 custom header failing OPTIONS request GraphQL kind:bug	2	509	October 4, 2020
cURL: Operations not allowed Dgraph Cloud / Slash GraphQL	2	351	October 6, 2023
CORS Errors on Dgraph Cloud Dgraph Cloud kind:question , status:accepted , kind:bug	1	1065	December 9, 2021

Dg-Auth header is not allowed by Access-Control-Allow-Headers

Related topics