No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8100' is therefore not allowed access

I am building an app using ionic, Drupal rest api . I get this error on implementing a web service authentification “Failed to load http://localhost/drupal-8.5.3/user/login?_format=json: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://localhost:8100’ is therefore not allowed access.”
I have no idea what should I do to fix this so I hope someone here has an idea what might be causing this.

   public login() {
    let data = JSON.stringify({
        pass: this.registerCredentials.password,
    let apiloginUrl = 'http://localhost/drupal-8.5.3/user/login?_format=json';
    let headers = new Headers();
    headers.append('Content-Type', 'application/json');, data, {headers: headers})
        .subscribe(data => {
            localStorage.setItem('loggedinData', data['_body']);
            let apiTokenUrl = 'http://localhost/drupal-8.5.3/oauth/token';
                .subscribe(data => {
                    localStorage.setItem('loggedin_token', data['_body']);
                }, error => {
                    console.log(error);// Error getting the data
        }, error => {
          this.showError("Access Denied");

loginkeyboard() {
        data => {
                document.getElementById('login').style.height = this.height + 'px';

Your API has to return the mentioned header.

1 Like

how can i resolve the problem ?

Not entirely familiar with Drupal’s API, but I’ve gotten that error before from many other API’s in the past. If Sujan12’s suggestion doesn’t work, it might be because CORS isn’t setup for that particular location/site. I did a quick google to find it there’s a way to set it in Drupal and I found this which might help you resolve the issue.

Once your localhost app has access to the drupal api you shouldn’t get that error anymore. Hope it helps a little.