Ctrl K

Get CORS settings

Published Oct 17, 2025

The *Get CORS settings* endpoint returns the allowed origins (i.e. your domains) you want to allow cross-origin resource sharing ([CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing)) with Codat. Enabling CORS with Codat is required by our embeddable UIs (such as [Connections SDK](https://docs.codat.io/auth-flow/optimize/connection-management) and [Link SDK](https://docs.codat.io/auth-flow/authorize-embedded-link)) to access Codat's API endpoints.

Script codat Verified

Use in Windmill

The script

Submitted by hugo697 Bun

Verified 235 days ago

All edits

Permalink

//native
type Codat = {
	encodedKey: string
}
/**
 * Get CORS settings
 * ﻿The *Get CORS settings* endpoint returns the allowed origins (i.e. your domains) you want to allow cross-origin resource sharing ([CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing)) with Codat. 

Enabling CORS with Codat is required by our embeddable UIs (such as [Connections SDK](https://docs.codat.io/auth-flow/optimize/connection-management) and [Link SDK](https://docs.codat.io/auth-flow/authorize-embedded-link)) to access Codat's API endpoints.
 */
export async function main(auth: Codat) {
	const url = new URL(`https://api.codat.io/corsSettings`)

	const response = await fetch(url, {
		method: 'GET',
		headers: {
			Authorization: `Basic ${auth.encodedKey}`
		},
		body: undefined
	})
	if (!response.ok) {
		const text = await response.text()
		throw new Error(`${response.status} ${text}`)
	}
	return await response.json()
}


`1`	`//native`
`2`	`type Codat = {`
`3`	`encodedKey: string`
`4`	`}`
`5`	`/**`
`6`	`* Get CORS settings`
`7`	`* The Get CORS settings endpoint returns the allowed origins (i.e. your domains) you want to allow cross-origin resource sharing ([CORS](https://en.wikipedia.org/wiki/Cross-origin_resource_sharing)) with Codat.`
`8`
`9`	`Enabling CORS with Codat is required by our embeddable UIs (such as [Connections SDK](https://docs.codat.io/auth-flow/optimize/connection-management) and [Link SDK](https://docs.codat.io/auth-flow/authorize-embedded-link)) to access Codat's API endpoints.`
`10`	`*/`
`11`	`export async function main(auth: Codat) {`
`12`	const url = new URL(`https://api.codat.io/corsSettings`)
`13`
`14`	`const response = await fetch(url, {`
`15`	`method: 'GET',`
`16`	`headers: {`
`17`	Authorization: `Basic ${auth.encodedKey}`
`18`	`},`
`19`	`body: undefined`
`20`	`})`
`21`	`if (!response.ok) {`
`22`	`const text = await response.text()`
`23`	throw new Error(`${response.status} ${text}`)
`24`	`}`
`25`	`return await response.json()`
`26`	`}`
`27`