When running Apollo Server in production mode, you might experience an issue where custom HTTP headers aren't accessible to your code.
This is due to CORS security settings. To allow headers besides the standard set of request headers (authorization, content-type, etc.), you need to add them to the allowedHeaders property of your Apollo Server configuration.
This property can take either a string or an array of strings:
const server: ApolloServer = new ApolloServer({
schema,
dataSources,
cors: {
allowedHeaders: ["customHeader1", "customHeader2"],
...other cors settings
},
});
For a full tutorial on CORS configuration in Apollo Server, please see our docs.
Comments
0 commentsPlease sign in to leave a comment.