Consent

Cognite Hub is going public. So far, Cognite Hub has required users to log in to access some of its content. Now we have decided to open most parts of the community up to the public. For more information, please read our Privacy Policy and Terms and Conditions.

If you don’t agree with this privacy statement, you can reach out to support@cognite.com

×

COGNITE HUB

Check the documentation

Ask the Community

Take a look at Academy

Cognite Status Page

Contact Cognite Support

Products Cognite Data Fusion

Cognite InField

Cognite InRobot

Cognite Maintain

Cognite Remote

Website cognite.com

Groups
- - Knowledge Base
Product Updates
Product Ideas
Docs
Events
Academy
Our Partners

Impact 2024: The Industrial Data and AI Conference for and by Users | Nominate Speakers Now for a Ch...

(Mon, 14 Oct, 2:00 pm)

Home
Search

Replies posted by Freyja Østrem

1 Reply

Christopher WhealyActive

asked in Developer and User Community

Setting HTTP headers for CORS policy

Does the CORS request set the request option to include browser credentials ({ credentials: "include" } for Fetch API, or request.withCredentials = true for XMLHttpRequest)? Browsers should only block CORS requests when Access-Control-Allow-Credentials: true is not present if that request option is set, which it is not by default.For security reasons, the CDF API does not use any form of browser credentials (such as cookies) for authentication, which is why we do not set that CORS header in the OPTIONS response. Because of this, the CORS request options should either have the browser credentials request option set to omit credentials, or have it be unset (using the default value).Authentication is only done with a bearer token in the Authorization header set in the request, which does not require Access-Control-Allow-Credentials: true and only requires Access-Control-Allow-Headers to include the Authorization header, which it as far as I can tell does.

Generate client secret for OID

Please generate a client secret once every 180 days.

Choose the application:

Badge winners

Hariharan Raveendranhas earned the badge Working with Cognite InField
Hariharan Raveendranhas earned the badge Cognite Domain Expert Basics
Abhishek Srivastavahas earned the badge Working with Cognite InField
Sushovanhas earned the badge Cognite Data Fusion Fundamentals
cmotekhas earned the badge Working with Cognite InField

Show all badges

Powered by Gainsight

Terms & Conditions Cookie Settings

Sign up

Already have an account? Login

Log in with your business account

Log in to the community

Log in with your business account

Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.

Enter your e-mail address

Back to overview

Scanning file for viruses.

Sorry, we're still checking this file's contents to make sure it's safe to download. Please try again in a few minutes.

OK

This file cannot be downloaded

Sorry, our virus scanner detected that this file isn't safe to download.

OK

RESOURCES Learn Documentation Support Status Page
GETTING STARTED Sign up to Cognite Hub Get Started with Cognite Hub About Us Contact Us
FOLLOW US

© 2022

Powered by inSided