Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

ahmeda's avatar

Origin Policy disallows reading from api?

I have Laravel 8 and Vue project uploaded on a different domain

Laravel domain: https://laravel-project.com/api

Vue domain: https://vue-project.com

When I test this https://laravel-project.com/api/login link on postman it works and gives me the access_token but in Vue it shows this error in console:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://laravel/api/login. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

In Laravel CORS config:

<?php

return [

    'paths' => ['api/*', 'sanctum/csrf-cookie'],

    'allowed_methods' => ['*'],

    'allowed_origins' => ['*'],

    'allowed_origins_patterns' => [],

    'allowed_headers' => ['*'],

    'exposed_headers' => [],

    'max_age' => 0,

    'supports_credentials' => false,

];

For login, I use Laravel passport for generating the access token

Where is the problem ?!

0 likes
2 replies
ahmeda's avatar

Laravel by default use cors! Am I need to install it ?

Please or to participate in this conversation.