0

I've run into this issue with custom headers when trying to perform and Http GET request from angular 2. Preforming the same request from Postman works fine, however I get a following 405 error in Angular2:

OPTIONS http://[somehost.com]/api/v1/admin/account/singin 405 (Method Not Allowed)

The API has a GET operation where you pass a username and password in the header and it returns a 200 with a token in it's header. Here is an example of the code block I am using:

constructor (private http: Http) {

}

login (userName: string, password: string): Observable<any> {

  const endPointUrl = this.baseUrl + '/admin/account/singin';

  const headers = new Headers({
    'Accept': 'application/json',
    'X-Rem-Username': userName,
    'X-Rem-Password': password
  });

  const options = new RequestOptions({headers: headers});

  return this.http.get(endPointUrl, options)
    .map((response: Response) => {
      console.log(response);
      return response;
    });
}

As I mentioned, performing this request in Postman and in he WebStorm REST client with these headers works fine. If I remove these 'X-Rem' headers I get a 401, which is expected. Any help would be appreciated, thanks.

Improve this question
3
  • Add X-Rem-Username and X-Rem-Password to your CORS response header Access-Control-Allow-Headers.. assuming you already have CORS set up on your server. Commented Apr 23, 2017 at 9:09
  • Hi, I'll ask the provider to do this. Commented Apr 23, 2017 at 9:25
  • That did the trick, thanks Commented Apr 27, 2017 at 11:56

3 Answers 3

Reset to default
1

Try this

const headers = new Headers({
    'Accept': 'application/json',
    'X-Rem-Username': userName,
    'X-Rem-Password': password
});

this.http.get('url', {headers: headers})
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

This is not problem with angular app. Your app and rest api server are different server/domain. You should configure cross domain allow in server. Whenever you request any api on server by web browser, it first check cross domain allow options by request a OPTION method. In postman api directly send, there is no cross domain.

Improve this answer

1 Comment

Thanks guys, ended up being CORS not properly setup on the API side.
0

I am not sure but you can try add this header:

  "Access-Control-Expose-Headers" : "Authorization"

I found it in this discussion

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.