Blog
Home/

Better CORS error messages for developers

Author Kevin Jeong
Kevin JeongSoftware Engineer
Summary3 min read

Get detailed error messages from Docusign to troubleshoot your CORS apps

    • Additional resources

    Table of contents

    At Docusign, we know that debugging your apps can be a pain, so we have made enhancements to the error responses associated with Docusign CORS functionality in hopes that they improve the development process. Prior to the change, invalid CORS requests would return a simple 403 (forbidden) error response. Now, these forbidden responses also come with an error code, as well as a more descriptive error message that we anticipate will help you troubleshoot  issues with your apps.

    Here is the table of error codes and their error messages:

    Error code(s)

    Message

    Missing_Origin_Header

    Missing Origin Header: ensure the request is configured to use CORS and try again.

    Invalid_Origin_Header

    Invalid Origin Header: ensure the request is configured to use CORS and try again.

    Origin_Not_Allowed

    Disallowed Origin Header: ensure the request is configured to use CORS and try again.

    Missing_Or_Disallowed_Http_Method

    Missing or Disallowed HTTP Method: ensure an HTTP method is specified and the method used is allowed for this integration key and try again.

    Unsupported_Http_Method

    Unsupported HTTP Method: ensure the HTTP method being used is one of the supported methods (GET, POST, PUT, DELETE, HEAD) and try again.

    Http_Method_Not_Allowed

    Disallowed HTTP Method: ensure the HTTP method being used is one of the supported methods (GET, POST, PUT, DELETE, HEAD) and try again.

    Insecure_Connection

    Insecure Connection: ensure the CORS request is made securely (e.g., HTTPS) and try again.

    Missing_Api_Version

    Invalid API Version: ensure the request URL contains the correct API version (e.g., >= v2.1) and try again.

    Cors_Invalid_Api_Version

    Invalid API Version: ensure the request URL contains the correct API version (e.g., >= v2.1) and try again.

    Invalid_Client_Id

    Invalid Integration Key: ensure an existing and correct integration key is being used and try again.

    Empty_Account_Id, Invalid_Account_Id, Misformatted_Account_Id

    Invalid Account ID: ensure the request URL contains the correct account ID and try again.

    Missing_Cors_Scope

    Missing CORS Scope: ensure the CORS scope parameter is included in the request and try again.

    Missing_Config_Or_Request

    The request is missing or the account does not have the right permissions. Please check and try again.

    Let’s take a look at an example error response. Say I make a request with an OAuth access token that does not have a CORS scope. Here is the response:

    "restResponse": "{
        "errorCode":"Missing_Cors_Scope",
        "message":"Missing CORS Scope: ensure the CORS scope parameter is included in the request and try again."
    }"
    
    Previously, this restResponse JSON had an empty value like so:
    "restResponse": ""
    

    Note that the response now has an error code and a more descriptive message for the next step.

    We hope that this will be useful in your development! Please reach out to Developer Support if you have any questions or suggestions.

    Additional resources

    Author Kevin Jeong
    Kevin JeongSoftware Engineer

    Kevin Jeong has been with Docusign since 2020 ever since he graduated from the University of Washington. He's been working as a full-stack developer, previously working on implementing new UI for features in signing, then recently switched to working on backend APIs. Kevin's passionate about building software that makes people's lives more convenient and curious about how to make solutions scale.

    More posts from this author

    Related posts

    • Streamline End-to-End Agreement Management with Docusign: A Developer Overview
      Developers

      Streamline End-to-End Agreement Management with Docusign: A Developer Overview

      Author Larry Jin
      Larry Jin
    • Fast-Track Your Extension Apps with Reference Implementations

      Fast-Track Your Extension Apps with Reference Implementations

      Author Karissa Jacobsen
      Karissa Jacobsen
    Streamline End-to-End Agreement Management with Docusign: A Developer Overview

    Streamline End-to-End Agreement Management with Docusign: A Developer Overview

    Author Larry Jin
    Larry Jin
    Fast-Track Your Extension Apps with Reference Implementations

    Fast-Track Your Extension Apps with Reference Implementations

    Author Karissa Jacobsen
    Karissa Jacobsen

    Discover what's new with Docusign IAM or start with eSignature for free

    Explore Docusign IAMTry eSignature for Free
    Person smiling while presenting