No ratings

"Failed to load....No Access Control Allow Origin."


"Failed to load....No Access Control Allow Origin."

This article was created in response to a support issue logged with K2. The content may include typographical errors and may be revised at any time without notice. This article is not considered official documentation for K2 software and is provided "as is" with no warranties.


When using the Workflow Rest API in your Javascript file, the following issue may occur when loading that page:




"Failed to load https://[site]/Api/Workflow/preview/workflows/?_=1523444398270: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://[site]' is therefore not allowed access. The response had HTTP status code 400."


This may occur when you follow this documentation:




Our developers identified this as an issue within the product.


Workaround for K2 5.0 customers

Remove the authorization header from the AJAX call, this will let the browser prompt you for the username/password.


See the below example which works for K2 5.0 and returns the result back into the body of the html.


<script type="text/javascript" src="jquery-3.3.1.js"></script>
<script type="text/javascript">

$.ajaxSetup ({
cache: false // Disable caching of AJAX responses

$(document).ready(function() {
type: 'GET',
url: '',
dataType: 'json',
crossDomain: true,
xhrFields: {
withCredentials: true
success: function(json_data) {
error: function() {
<span id='wfs'>(Result)</span>


However, we recommend upgrading the environment to K2 5.1 because the issue has been resolved in that version.

Labels: (1)
Version history
Last update:
‎05-19-2021 03:43 PM
Updated by: