Skip to Content
Mar 20, 2018 at 04:51 PM

Avoid CORS problems for C4C OData service called from SAPUI5 application?

1313 Views Last edit Mar 20, 2018 at 07:09 PM 3 rev

I am having a few problems with cross-origin policy while trying to access the C4C Odata service. The application is hosted as a BSP application on an ABAP system.

As per the guide (, i am trying to make a simple call to retrieve the x-csrf-token to use in subsequent calls.

Any request made to the domain https://my*****/sap/c4c/odata/v1/c4codata/ is blocked due to CORS issues. I need to add a request header {"x-csrf-token":"fetch"} that triggers a preflight OPTIONS request, which does not allow authentication and fails.

I tried with xhr requests, ajax requests and odata models, but to no result.

What could I do to solve this issue?

Edit: I tried different borwsers to make sure and it is not a Chrome specific issue.