Unimoni
Create account
Knowledge base/Troubleshooting

CORS errors in embed

Symptom

Access to fetch at 'https://api...' from origin 'https://...' has been blocked by CORS policy

Cause

The request went to the cabinet surface (allowlist CORS), not the embed surface (* CORS).

Fix

  1. The partner site must hit /api/v1/embed/*, not /api/v1/orgs/*
  2. JWT (not a cookie) — via Authorization: Bearer
  3. The partner site's origin must be in the allowlist of the API key mk_*
TLS handshake fails
Metrics do not show up on the dashboard
Alerts do not fire