Get a peek at our latest innovations at Sanity Product Day on Dec 8th →

Access to XMLHttpRequest at 'https://myAppID.http://api.sanity.io/v1/users/me>' Blocked by CORS Policy

0 replies
Last updated: Jul 10, 2020

Access to XMLHttpRequest at 'https://{myAppID}.<http://api.sanity.io/v1/users/me|api.sanity.io/v1/users/me>' from origin 'https://{my.custom.domain}' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

Why? I'm running a self hosted Sanity studio, and this error appears when I'm trying to open the studio frontend. What am I missing?

EDIT Nevermind.
Allow credentials
in manage.sanity fixed it.

Jul 10, 2020, 7:18 PM

Sanity.io: Get the most out of your content

Sanity.io is a platform to build websites and applications. It comes with great APIs that let you treat content like data. Free to get started, and pay-as-you-go on all plans. Find out more.