Angular 2 Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response
Add Authorization
to the CORS Check:
$config['allowed_cors_headers'] = [ 'Authorization', 'Origin', 'X-Requested-With', 'Content-Type', 'Accept', 'Access-Control-Request-Method'];
In order for your preflight request to succeed, the server controller must accept the "Authorization" header as valid. You can do that by adding the "authorization" key along with other allowed headers values:
Access-Control-Allow-Headers: Authorization, Content-Type, Content-Range, Content-Disposition, Content-Description
in php codeigniter backend just put this header in the construct() of your api controller.example:
class ApiController extends CI_Controller { function __construct(){ parent::__construct(); header('Access-Control-Allow-Origin: *'); header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE"); header("Access-Control-Allow-Headers: Origin,X-Requested-With,Content-Type,Accept,Access-Control-Request-Method,Authorization,Cache-Control"); header('Content-Type: application/json'); }public function index(){ $MYARRAY = array(1); echo json_encode($MYARRAY);}}