Sketchfab CORS error

in a Ionic app we would like to permit the user to upload 3D models on Sketchfab.
We implemented the Oauth2 login as described in Schetchfab Oauth2 guide about the grant type Authorization Code.

We take the AUTHORIZATION_CODE with the link and then we try to retrieve the token with this method:

getSkToken(skData): Observable {
let headers = new HttpHeaders({
‘content-type’: ‘application/x-www-form-urlencoded’

const options = { headers };
const serviceName = '';

return from(, skData, options).pipe(
    map(data => {
      return data;
      error => {

where skData are the correct values requested:

-‘grant_type’: ‘authorization_code’ ` -'code': [AUTHORIZATION_CODE]`
-‘client_id’: [CLIENT_ID] ` -'client_secret': [CLIENT_SECRET]`
-‘redirect_uri’: [REDIRECT_URI]`

We have this CORS error:

Access to XMLHttpRequest at ‘’ from origin ‘[https://localhost:4200](https://localhost:4200/)’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

We tried to change the POST header in many ways, like:

let headers = new HttpHeaders({
‘content-type’: ‘application/x-www-form-urlencoded’,
‘Access-Control-Allow-Headers’: ‘Content-Type’,
‘Access-Control-Allow-Methods’: ‘POST’,
‘Access-Control-Allow-Origin’: ‘*’

But always CORS error, but in preflight.

Some idea?

Thank you!

Setting CORs is typically done on the Server side. Basically the server is saying “I do not know who this client is requesting data”

It’s because the API you’re trying to reach doesn’t support localhost.
We have a dedicated section in our docs on CORs and list some options you can take.

Thank you Mike.

Following the tips on your suggested doc I tryed to use HTTP from “@ionic-native/http/ngx” on the Android emulator with “ionic capacitor run android”

I reach the Sketchfab server:

Sketchfab server send the token but localhost redirect fails:

I think this is a Ionic/emulator problem and I searched the web fot it but no solution.

What do you think about?


Yeah, ionic-native’s http is not going to help you here. Since the auth looks like it need to do a redirect back, you’ll need to change how you are authenticating.

Something like this could be helpful

Basically it’s a generic wrapper around OAuth APIs, which Sketchfab looks to be using. This could be integrated into your app. But without seeing some code, I don’t know what else I could suggest.