This section is only applicable to web browser based apps when the website domain is different to the API domain. Differences can be in hostname or in the port number.
Use the flask
CORS library along with
get_cors_allowed_headers()returns an array of headers that is used by SuperTokens. These need to go in the
- You'll also need to use
The above can be achieved easily via the
CORS library as seen below
from supertokens_flask import ( get_cors_allowed_headers from flask_cors import CORS app = Flask(__name__, static_url_path='') CORS(app, supports_credentials=True, origins=["http://127.0.0.1:8080"], allow_headers=["Content-Type"] + get_cors_allowed_headers())