Forum Discussion

Former Member

4 years ago

Connect server returns CORS error, works fine in postman

Hello, I am trying to connect to the 1password API via the connect server. Currently in our setup we host the connect docker image (https://hub.docker.com/r/1password/connect-sync/) in an ECS...

secrets management

Former Member

3 years ago

Hi Rory,

Thank you for clarifying that. Technically, it would be possible to place a nginx proxy or something similar between Connect and the frontend to set the required CORS headers to allow this request.

However, we recommend to only supply Connect tokens to and make request to Connect from trusted applications. By supplying a token to the frontend, anyone with access to that frontend can easily extract the token.

What we recommend instead is adding a server application with a Connect token that handles requests from the frontend and to Connect. Preferably, this also authenticates the users of the application.

Let me know if you have any other questions.

Joris

Featured discussions

Meet the 1Password team at KubeCon Europe
Place Developers

Forum Discussion

Connect server returns CORS error, works fine in postman

Featured discussions

Meet the 1Password team at KubeCon Europe

Recent discussions

op cli read file

Windows Hello from the WSL

1password locks within 10 seconds on High Performance or Dynamic resolution screen share on macOS

How do you store Membership Anywhere digital cards securely?

Git commit signing - can't find op-ssh-sign