Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Allow browser options request through key-auth

See original GitHub issue

The browser sends a preflight OPTIONS request before each request I send to express gateway. I have key-auth configured for express-gateway, and for all requests without an authorization header, express gateway responds with a 403 error. How do I whitelist only OPTIONS requests to bypass the key-auth?

Is this is the recommended approach?

label: Question

Issue Analytics

  • State:closed
  • Created 4 years ago
  • Comments:6 (2 by maintainers)

github_iconTop GitHub Comments

XVincentXcommented, Jul 22, 2019

I’ve responded to the issue some days ago. Did you try the solution?

stonymahonycommented, Jul 21, 2019

Hey animysore, I’m facing exactly the same problem right now.

I have set the problem to Stackoverflow, have a look.


Read more comments on GitHub >

github_iconTop Results From Across the Web

Bug: key-auth plugin validating OPTIONS requests with CORS ...
If browser truncating query param, we may need to add a flag in Key Auth plugin (or other Auth plugins) config to allow...
Read more >
Why is an OPTIONS request sent and can I disable it?
According to the CORS strategy (highly recommend you read about it) You can't just force the browser to stop sending OPTIONS request if...
Read more >
Key Authentication plugin | Kong Docs
Keys are encrypted at rest in the API gateway datastore. PermalinkConfiguration Reference. This plugin is partially compatible with DB-less mode. In DB-less ...
Read more >
Authorizing requests - Postman Learning Center
With API key auth, you send a key-value pair to the API either in the request headers or query parameters. In the request...
Read more >
Authentication — API Key Auth - Zapier Platform UI
API Key authentication lets apps verify users' account with an API key that is passed along with every API call. In a Zapier...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Post

No results found

github_iconTop Related Hashnode Post

No results found