CORS blocking only PATCH requests

Hi! I am using a react front end with Airtable as my backend, Everything works fine and I am to create and list records, but when I run a .update, I get an error.

In my console I get: Access to fetch at 'https://api.airtable.com/v0/appfGOrSlohKglsao/Users/?' from origin 'http://localhost:3000' has been blocked by CORS policy: Method PATCH is not allowed by Access-Control-Allow-Methods in preflight response.

It seems to be that Airtable is not allowing PATCH requests specifically? I don’t think I need a proxy given everything else works just fine. Am I missing some configuration?

Does the airtable account associated with the api key you are using have read-only privileges on the base/workspace? This could be what’s causing the the request to fail the CORS prefilight.

Also I would definitely recommend making API requests from your backend so as not to expose your API key on your React front end.

1 Like

This topic was solved and automatically closed 15 days after the last reply. New replies are no longer allowed.