Browse topics, discover Works With Legrand community!

CORS policy problem


First of all, I would like to say that I am new to the subject of javascript, ajax, xhr and auth2.

I have now understood the principle and I succeeded without difficulty to activate a light at home thanks to Postman.

I develop an HTML/JAVASCRIPT client application on my Synology NAS.

I try to use your API but it doesn’t work at all in the second step of auth2 protocol, I got the message : “Access to XMLHttpRequest at ‘’ from origin ‘’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.”

My Browser add the Header “Origin” and the request is blocked by Eliot server. Postman does not add the header “Origin” and it works.

Could you help me, please.

Hello Jean-Michel,

Maybe you can try to add to the Header of your request :
Access-Control-Allow-Origin: *
Or you can try to add the URL of your server in order of the “*”

(information found here :

Tell me if it worked 😉

Have a good day,
Leslie – Community Manager

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.


message1 reply
people2 participants