This section is only applicable to web browser based apps when the website domain is different to the API domain. Differences can be in hostname or in the port number.
set_relevant_headers_for_options_api function: API Reference
- This is to be called in your
- Adds the following headers to the response:
You'll also need to add
Access-Control-Allow-Credentialsheader with value
Access-Control-Allow-Originheader to your supported origins for all the routes in which you will be using SuperTokens.
from supertokens_flask import supertokens_middleware from flask import jsonify, g def info(): if request.method == 'OPTIONS': response = make_response('options api') response.headers['Access-Control-Allow-Origin'] = 'some-origin.com' response.headers['Access-Control-Allow-Methods'] = 'POST' set_relevant_headers_for_options_api(response) return response response = make_response('success', 200) response.headers['Access-Control-Allow-Origin'] = 'some-origin.com' response.headers['Access-Control-Allow-Credentials'] = 'true' return response