Can't Fix CORS Setup

Help me!
1

Screenshot 2026-02-25 at 8.36.46 AM
Screenshot 2026-02-25 at 8.36.46 AM1727×1289 326 KB

Feature(s) impacted

Setting up Forest Node Agent on a Standalone Server in AWS.

Observed behavior

Unable to get the authentication route to pass CORS.
Navigating to https://forest.receipts.xyz/forest resolves 200
https://forest.receipts.xyz/forest/authentication resolves 401 with no CORS error.
The Forest Admin UI gets a CORS error when calling the auth endpoint above.

Expected behavior

Should pass CORS checks and authenticate

Context

  • Project name: Receipts-Admin
  • Team name:
  • Environment name: Production
  • Database type: PostgreSQL
  • Recent changes made on your end if any: Trying to set up the Node agent on a standalone server in AWS

And, if you are self-hosting your agent:

  • Agent technology: node
  • Agent (forest package) name & version (from your .lock file):
    • @forestadmin/agent - 1.73.2
    • @forestadmin/datasource-sql - 1.17.6
2

Hi @Henry_Garrett ,

Can you share the setup of your forest agent, and maybe the logs of your agent ?

Best regards,

Enki

3

Hi @Enki, here are the last couple minutes of logs:

February 25, 2026, 08:48 e[32minfo:e[0m [200] GET /forest - 0ms service-container
February 25, 2026, 08:48 e[32minfo:e[0m [200] GET /forest - 0ms service-container
February 25, 2026, 08:48 e[32minfo:e[0m [200] GET /forest - 0ms service-container
February 25, 2026, 08:48 e[32minfo:e[0m [200] GET /forest - 0ms service-container
February 25, 2026, 08:48 e[32minfo:e[0m [200] GET /forest - 0ms service-container
February 25, 2026, 08:48 e[32minfo:e[0m [200] GET /forest - 0ms service-container
February 25, 2026, 08:42 e[33mwarning:e[0m [401] GET /forest/authentication - 0ms service-container
February 25, 2026, 08:42 e[33mwarning:e[0m [401] GET /forest/authentication - 0ms service-container
February 25, 2026, 08:26 e[32minfo:e[0m [200] GET /forest - 0ms service-container
February 25, 2026, 08:26 e[32minfo:e[0m [200] GET /forest - 1ms

This Forest Agent runs on an ECS Service behind an API Gateway that has CORS configured. It is run via Dockerfile (using the Dockerfile that comes with the project and is used in all of the example repos in the Forest Github!)

4

This issue seems similar to this one - How do I configure CORS middleware when using the forestadmin agent? - #3 by ZavenArra

But I’m not mounting on Express, mounting standalone.

5

ok, thanks, did you add https://app.forestadmin.com to the allowedOrigins of the API Gateway CORS configuration ?

6

@Enki Yes, the api gateway CORS configuration contains that origin, along with allowed headers, methods, and credentials

7

Don’t you want to share the code of your agent setup ?

8

Can you check the FOREST_ENV_SECRET in your environment variables, so it matches the value in the projects environment settings ?

9

I’m following this demo :slight_smile: So my Dockerfile looks just like this:

My index.js looks like:

require(‘dotenv’).config();

const { createAgent } = require(‘@forestadmin/agent’);

const { createSqlDataSource } = require(‘@forestadmin/datasource-sql’);

// Create the Forest Admin agent.

/**

* @type {import(‘@forestadmin/agent’).Agent<import(‘./typings’).Schema>}

*/

const agent = createAgent({

// Security tokens

authSecret: process.env.FOREST_AUTH_SECRET,

envSecret: process.env.FOREST_ENV_SECRET,

// Make sure to set NODE_ENV to ‘production’ when you deploy your project

isProduction: process.env.NODE_ENV === ‘production’,

// Autocompletion of collection names and fields

typingsPath: ‘./typings.ts’,

typingsMaxDepth: 5,

});

// Connect your datasources

// All options are documented at https://docs.forestadmin.com/developer-guide-agents-nodejs/data-sources/connection

agent.addDataSource(

createSqlDataSource({

uri: process.env.DATABASE_URL,

schema: process.env.DATABASE_SCHEMA,

sslMode: process.env.DATABASE_SSL_MODE,

}),

);

// Expose an HTTP endpoint.

agent.mountOnStandaloneServer(Number(process.env.APPLICATION_PORT));

// Start the agent.

agent.start().catch(error => {

console.error(‘\x1b[31merror:\x1b[0m Forest Admin agent failed to start\n’);

console.error(‘’);

console.error(error.stack);

process.exit(1);

});

10

Verified the FOREST_ENV_SECRET is the same

11

Actually demos aren’t the usual way to setup a forestadmin project.
Our demos are mainly used to show forestadmin capabilities to potential customers, not for customers to setup them alone. If you’re interested in some demo from our sales, I can ask for a sale to contact you directly.

I see that you have already created a few projects on forest. Did you manage to have a development environment running ?
If so just try to setup your agent directly on your server without docker, following the normal onboarding. I think it will be simpler and will eliminate a potential source of troubles.

12

Hi Enki, our deployment pipeline requires docker. Is there a way to add middleware to the “mountStandalone” version of forest? If not, should I set up an express server and mount it there instead?

I was able to get this running in the development environment on my local machine yes!

13

Oh, ok. No, the standalone version is meant to be used as is, it uses base “http” package instead of express.

You will have more control on the server by using the express alternative, yes.

In your agent setup, you should also change the way you connect to your datasource. The “createSqlDataSource” don’t need the schema and certainly not from the env variables.

14

Okay sounds good. Do you have an example somewhere I can see for the best way to setup a project? There was some conflicting documentation I was having a hard time parsing :slight_smile:

15

Yes, I understand, we’re working on it !

Here is the last documentation about the nodejs agent: Getting Started | Node.js Developer Guide