My question stems from the API request lessons in the Web Development career path – starting here:
I got enamored by the potential power of APIs and set out on try some other APIs in the real world. My first couple adventures went great. My latest attempt however, I can get data from the API through tools like Postman — but when I try to make the same call from my website — I get the following error message.
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at [https://api. <> ). (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
By everything I read — it looks like this is a server side issue…
… everything seems to indicate we need to add: Access-Control-Allow-Origin: https://mydomain.com
Can anyone confirm — I read this as the far side (the folks with the API / data I am trying to access) need to add this header. Yes??
And if they will not add it — is there literally anything else I can do from my side (e.g. different language or something)? Or I am just simply not able to use that API?