Authentication error - Blocked by CORS policy

I managed to find the issue, maybe this is something to add in the docs for people on Rails with a CORS config.

I had to add the following in my config:

# config/initializers/cors.rb
Rails.application.config.middleware.insert_before 0, Rack::Cors do
  allow do
    # my original config, this can stay there
  end


  # Used for Forest Admin
  allow do
    origins 'https://app.forestadmin.com'

    resource '/forest/*',
      headers: :any,
      methods: [:get, :post, :put, :patch, :delete, :options, :head],
      credentials: true,
      max_age: 1728000
  end
end
1 Like