API works in Postman but fails in browser due to missing CORS configuration.
API works in Postman but fails in browser with CORS error
Browser blocks request because server does not allow cross-origin access
You test your API in Postman โ everything works fine.
Then you call it from your frontend โ suddenly it fails.
Error:
Access to fetch at 'API_URL' from origin 'localhost' has been blocked by CORS policy
Why this happens:
Postman does not enforce browser security rules, but browsers do.
Root cause:
Your backend is not allowing cross-origin requests.
Fix in Node.js (Express):
const cors = require("cors");
app.use(cors());Or configure specific origin:
app.use(cors({
origin: "http://localhost:3000"
}));After adding this, your API will work correctly in the browser.
Get a new Bug of the Day in your inbox
Subscribe to Stack Dev Life โ free, no spam, unsubscribe anytime.
Subscribe free โ