When using the Workflow Rest API in your Javascript file, the following issue may occur when loading that page:
"Failed to load https://[site]/Api/Workflow/preview/workflows/?_=1523444398270: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://[site]' is therefore not allowed access. The response had HTTP status code 400."
This may occur when you follow this documentation:
https://help.k2.com/onlinehelp/k2five/devref/5.0/default.htm#Runtime/WF-REST-API/WF-REST-js.htm
Our developers identified this as an issue within the product.
Workaround for K2 5.0 customers
Remove the authorization header from the AJAX call, this will let the browser prompt you for the username/password.
See the below example which works for K2 5.0 and returns the result back into the body of the html.
However, we recommend upgrading the environment to K2 5.1 because the issue has been resolved in that version.