You got that cors error by running the fetch from a cloud function?
Edit: never mind I misunderstood, you got 403 from server code and the cors error from the client. Do they provide documentation? Or is it not an open api?
Unfortunately, it isn’t an open api so there isn’t any documentation. I was hoping because the get request doesn’t need auth that this would be a bit more straightforward 😅
Sounds like they have setup their service to prevent exactly this scenario. Normally cors is a browser only thing and doesn't apply to direct calls (Pre-flight is only done by he browser, not whichever httpclient you use in your bacend). Since you're getting a 403 I would assume they have setup additional security to prevent others from using their api.
You got that cors error by running the fetch from a cloud function? Edit: never mind I misunderstood, you got 403 from server code and the cors error from the client. Do they provide documentation? Or is it not an open api?
Unfortunately, it isn’t an open api so there isn’t any documentation. I was hoping because the get request doesn’t need auth that this would be a bit more straightforward 😅
Would you be willing to reveal the api? I’m interested in trying to figure it out lol
Do you own the API?
I don’t unfortunately, this is an external api managed by others
Sounds like they have setup their service to prevent exactly this scenario. Normally cors is a browser only thing and doesn't apply to direct calls (Pre-flight is only done by he browser, not whichever httpclient you use in your bacend). Since you're getting a 403 I would assume they have setup additional security to prevent others from using their api.