No 'Access-Control-Allow-Origin' Header on GET response

Could the issue be related to the browser? I.e. we are calling your API from AJAX, therefore the browser requires the header “Access-Control-Allow-Origin” were a direct backend call can ignore that header.

@MArkWilliams I’m also experiencing this issue, the missing header is preventing CORS requests.
It had already been reported here so I didn’t see the point in commenting, but I’ve been keeping an eye on this issue.

Thanks for the additional info. We have identified the problem and we are working on a fix.

Hello Mark,
Just wanted to let you know that we were unable to login to the forum the whole day, preventing us from also reporting this issue.

Thanks @MArkWilliams

Hi, I know you are working on this but just wanted to echo still having the issue. Thanks

Hi Mark,

Do we have any estimated timeline for fix?

Thanks

Hi @MArkWilliams, are there any updates to this?

Hello @MArkWilliams do you have an estimate on when will this be fixed by? We need to communicate to our customers.

testing a fix in pre-production right now!

testing a fix in pre-production right now!

We have just deployed a fix for this issue.
We apologise for the disruption this may have caused.

I confirm the issue is resolved for us.

Thank you and have a nice day.

Thank you Mark, this has been fixed for us too.

This is now fixed. Sorry for the delay.

@MArkWilliams Thank you! Seems to be working for us again.

Confirming issue resolved for us

We are trying to access the https://api.companieshouse.gov.uk/company/company_id and we are getting the error message:
No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

But the same works in Postman. Is there any specific header that needs to be set.

If you search this forum for “Access-Control-Allow-Origin” you’ll find plenty of examples of how this all works and how to debug issues.

You say this works in Postman, so I’m guessing your API key is fine. You don’t say how you’re trying to connect when you’re not using Postman but I’ll assume javascript; the following should be more generally applicable.

The only header require is the http Basic authorization header. There are quite a few posts showing that people find this confusing (or the implementation of this by their framework / tool) so it may be worth double-checking this. Also see item 5 in the list below.

A good example of debugging this kind of issue (working through several problems) is the thread:

Things to check:

  1. Did you specify this will be a “crossDomain” request if needed by your framework (e.g. in jQuery $.ajax({ crossDomain: true, ... )?
  2. Did you set the domain(s) that you are making the Ajax request from in your API key registration?
  3. Are you using the same protocol that you registered (e.g. if you specified “https://mysite.com/” but then don’t use TLS the request may fail)?
  4. Are you running your code on localhost or using a specific port? If so see links in my post at Angular Local Dev Testing - #4 by voracityemail
  5. (If you’re getting back a 401 response) is your authorization header being set correctly (e.g. see 401 Unauthorised when calling API through JavaScript)?

Hi there.
Thank you very much for your suggestions.
To clarify my question, yes I am using JavaScript for connection purpose. In fact we are using JQuery library.
I have a web page that takes company id and gives back the company details and I am doing it using JQuery and Node’s http-server module, in order to run the web-page on server. But the functionality of page did not work properly in Chrome. So, I removed JQuery code and used plain Ajax Javascript. When I tried from the Interntet Explorer today, without the http-server, it started working. Not sure what the issue exactly is.
But I will go through the links you have shared. Thank you.