We don't apply any restrictions by CORS policy on our end.
CORS (Cross-Origin Resource Sharing) errors happen when web applications try to fetch resources from different domains, triggering security measures that block access.
They are most likely raised by your browser, which is trying to keep you safe from cross-site attacks.
All web developers run into these errors at some point when developing an application that talks to an API.
To fix CORS errors:
- Use a separate instance of a Chrome browser where CORS is disabled (just don't use it as your main browser, since it opens a potential avenue for a cross-site attack).
- Make sure that you are calling our API not from the front-end but from your own secure back-end, otherwise you might expose your credentials to anyone using it.
- Configure the server to allow cross-origin requests.
- Use proxy servers to fetch resources from external domains.
- Employ CORS libraries or frameworks for easier error handling.
By addressing these issues, we can enhance website security and ensure smooth resource sharing across domains.
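The back-end and proxy advice above can be combined in one small relay. This is an added example, not GoCardless code; the front-end origin, the upstream URL, the `/api/` prefix, the `API_TOKEN` variable and the Bearer header are assumptions.

```javascript
// Added example: placeholders, not values from the page.
const ALLOWED_ORIGINS = new Set(['https://app.example.com']); // your front-end (assumed)
const UPSTREAM = 'https://api.example.invalid';               // placeholder API base URL

// Return CORS headers for an allow-listed origin, or null for any other origin.
function corsHeaders(origin) {
  if (!ALLOWED_ORIGINS.has(origin)) return null;
  return {
    'Access-Control-Allow-Origin': origin, // echo one exact origin, never "*"
    'Access-Control-Allow-Methods': 'GET, OPTIONS',
    'Access-Control-Allow-Headers': 'Content-Type',
    'Vary': 'Origin',                      // keep caches from mixing origins
  };
}

function reply(res, status, headers, body) {
  res.writeHead(status, headers);
  res.end(body);
}

// Relay GET /api/* to the upstream API. The token is attached here, on the
// server, so it never reaches browser code. callUpstream is injectable for tests.
async function handle(req, res, callUpstream = fetch, token = process.env.API_TOKEN) {
  const origin = req.headers.origin;
  // No Origin header means a same-origin or non-browser client: no CORS headers.
  const cors = origin ? corsHeaders(origin) : {};
  if (cors === null) return reply(res, 403, {}, 'origin not allowed');
  if (req.method === 'OPTIONS') return reply(res, 204, cors); // preflight
  if (req.method !== 'GET' || !req.url.startsWith('/api/')) return reply(res, 404, cors);
  try {
    const upstream = await callUpstream(UPSTREAM + req.url.slice(4), {
      headers: { Authorization: `Bearer ${token}` }, // auth scheme is assumed
    });
    const type = { 'Content-Type': 'application/json' };
    return reply(res, upstream.status, { ...cors, ...type }, await upstream.text());
  } catch (err) {
    return reply(res, 502, cors, 'upstream request failed');
  }
}

// To serve it: (await import('node:http')).createServer(handle).listen(8080);
```

The origin check only governs what browsers will read; it is not authentication, so the relay still needs its own user login before it spends your credentials on a caller's behalf.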
Read more about our security pillars at GoCardless: here.
There are many resources on StackOverflow about how to circumvent a CORS error, so feel free to check more information there.