Response to preflight request doesn't pass access control check


I have created rest endpoints for post request and created separate external client which is using JS xmlhttp request.

I am getting below error on executing post request - 

"Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource"

The first request which is "OPTIONS" is itself returning this error, because of this actual request is never getting triggered.

Here, I am using my own personal environment for creating apis.

How can I add "'Access-control-allow-origin' : '*' "at Outsystems side ?(How to enable CORS)

This is working when I test end point using postman.

Can someone please provide me suggestions to solve this .



Hello Durgesh,

Here is a post that talks about the issue you are having and some possible solutions.

I hope this post is useful.

If not, can you please let me know if the Services you are calling via REST APIs are yours or are you calling some other third parties APIs?


Andres Moreno

Thank you Andres for your reply.

I was able to solve this issue.

Problem here was at client side specifically where I was not serializing JS model object. I was passing that JS model as it is to rest api created in Outsytems.

In the created rest api method- string was the input param.

The error shown on browser console was related to CORS and I thought this is something related to the configuration in xml file, which is also required if you are sending request from different port.

What are the structure rules for passing input params to rest method of Outsytems, can I just create similar model  and keep it as an input param to api method ?