CORS error :Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response

Question

I am trying to send the request from one localhost port to the another. I am using angularjs on the frontend and node on the backend.

Since it is

Answer 1

If you don't want to install the cors library and instead want to fix your original code, the other step you are missing is that Access-Control-Allow-Origin:* is wrong. When passing Authentication tokens (e.g. JWT) then you must explicitly state every url that is calling your server. You can't use "*" when doing authentication tokens.