How can I resolve CORS errors?

Last updated: October 16, 2025

CORS (Cross-Origin Resource Sharing) errors are not directly related to SuperTokens functionality, but rather to your server's CORS middleware configuration. These errors occur when your web application tries to make requests from one domain to another without proper CORS setup.

Common causes and solutions

When experiencing CORS errors with SuperTokens, check the following:

CORS middleware settings: Ensure your server's CORS middleware is properly configured and that you are allowing all the SuperTokens headers.
Domain configuration: Verify that your websiteDomain is correctly whitelisted in your server's CORS origins list
API domain matching: Confirm that your apiDomain matches your actual server URL

Example configuration

Make sure your SuperTokens configuration includes the correct domains:

appInfo: {
    appName: "your-app-name",
    apiDomain: "https://your-api-domain.com",
    websiteDomain: "https://your-frontend-domain.com",
    apiBasePath: "/auth",
    websiteBasePath: "/verify"
}

Getting additional help

You can read a more thorough article over on our documentation website. Additionally, you can search through our discord server for similar issues.

Remember that CORS errors are typically resolved through proper server-side middleware configuration rather than SuperTokens settings.