CORS on gotrue-js login when working with Netlify Dev

netlify site name:

I am using gotrue-js to login a user, while running netlify locally with netlify dev

I have tried this configurations, none of them work:

  auth = new GoTrue({
      APIUrl: '',
      audience: '',
      setCookie: false,

fails with CORS.


  auth = new GoTrue({
      APIUrl: 'http://localhost:8888/.netlify/identity',
      audience: '',
      setCookie: false,

fails with 404.

Is there a way of testing netlify’s identity locally with netlify dev?

The best solution I found until now is running chrome with:

google-chrome --disable-web-security --user-data-dir=.test-google-chrome/

Hi @Niklison, welcome to the community!

Yea, typically, I would say there wouldn’t be an easy way to test Identity locally but your workaround/solution will work. You’d just want to make sure not to use that instance of Chrome to browser anywhere except your localhost due to the lower security.

Let me know how that goes!

1 Like

Hi guys, im new to netlify, and i had same issue, netlify identity throw cors errors when using netlify dev or in preview deployments but not in prod, I was reading few post similar and people said that it should work when using netlify dev but it doesnt for me, and in this post @Dennis im understanding that identity cors will never work locally even using netlify dev am I right?

for example:

How this guy got it working if you just said will not be possible?

Hey @jjalonso,
I believe Niklison got it working by disabling the CORS check in Chrome, as described here:

This is not secure for regular browsing, so what Dennis is saying above is to be sure to only use the Chrome instance where you disable the CORS check for local browsing and testing your app.


FWIW @jjalonso, I believe if you’re developing on port 8888 (default for Netlify dev), you should also not get CORS errors from GoTrue :slight_smile:


On port 8888 I’m getting cors error from hottie yep.

Hey @jjalonso, not super familiar with the hot reload module you are using (hottie). Have you tried using something other than that. Have you tried using something like parcel or create-react-app that both have hot reload functionality built in?

what hottie? im using cra.

In your prior reply you said:

So I too am not sure what you mean/meant there


My apologies guys, I think the hottie thing was some typo or thing of the spell corrector and not sure what i meant to say, actually i didnt even know that hottie is some sort or tool or similar lool

Im using cra.

@jjalonso , can you explain again in a different way what the problem is and what you have already tried? i think we are all feeling a bit lost! thanks. :slight_smile:

I solved it using a chrome extension, since it only happen in development and not in production it could work for me but is just because i have a ‘disable cors’ extension on my chrome browser.

The question is, should CORS error be thrown when using gotrue library from cli ‘netlify dev’ ?

The definite answer here is no, it shouldn’t. Although I can’t speak to the specifics of why yours does, that shouldn’t occur.