I am facing the standard CORS error while calling orchestrator for auth token n then for start a job.
This is the url ‘https://account.uipath.com/oauth/token’ for auth. I am using community edition and uipath cloud hosted orchestrator. Any idea on what and how need to change on orchestrator side to make it work? Can’t make browser changes (plugin, disable security etc.).
Hi @bhu
Welcome to our UiPath Forum! 
This seems like the crucial part. The Orchestrator provided via platform.uipath.com comes as-is, and we therefore don’t provide the ability to edit its settings.
The issue seems to be on the end of your security setup. Maybe it is worth asking your IT department to have a look and provide a solution?
Well, it isn’t any security setup but this is how browsers work. I have a web app hosted locally on my machine that provides users ability to trigger jobs using orchestrator APIs. Since the domain of my webapp is different from the orchestrator domain, browser asks orchestrator app if CORS requests are allowed using OPTIONS http method. If the host (in this case, orchestrator app hosted at http://platform.uipath.com/) doesn’t respond with Access-Control-Allow-Origin : * header then browser blocks the request. If cloud based orchestrator doesn’t support this then there is no way to use orchestrator APIs from a webapp and essentially makes cloud orch. APIs somewhat useless. There could be a setting in the account where user can enable CORS or not. I searched whole internet but couldn’t find any solution for this. Happy to provide more details or discuss if it helps.
1 Like
I am quite sure that this is the exact setup for the Cloud Platform (it’s set at *).
I’ll ask around.
@bhu Just to confirm - it works correctly for you in Postman, right?
Yes, it works well with postman. Issue is only with browser.
When I call this API from browser (using Angularjs):https://account.uipath.com/oauth/token (POST). It is rejected due to CORS. Here is the screenshot of the error in browser console
1 Like
Unfortunately we don’t have CORS configuration in our SaaS offering, yet. This is something that we will address, but we do not have a time frame yet. The best option is to do what @qbrandon suggests: make the Orch API call from the web app instead of browser.
2 Likes
Yes, that is an alternate which I plan to do i.e. webapp calls a REST service I am hosting in cloud and then this REST service calls Orch APIs to trigger a job. But this adds complexity to the webapp, additional work, additional configuration to open backend to reach internet and additional cost as I am hosting on cloud and paying per use.
Thanks for confirming that this is the only option right now. Appreciate it as I was wandering the internet to find a solution hoping that it is possible but I don’t know how to do it. Hope this thread will help others facing the same issue. Adding this feature to SaaS will be really helpful.
1 Like
Why host on the cloud though, if you already have your webapp running locally?
ashokkarale
Anil_G
Yoichi
yangyq10
postwick
chandreshsinh.jadeja
aravindbalineni123
Parvathy
aya
PRASHANT_GABHANE