Hi everyone,
I’m trying to use : GET /api/v3/account (HMAC SHA256)
But I get this error :
Access to XMLHttpRequest has been blocked by CORS policy: Request header field x-mbx-apikey is not allowed by Access-Control-Allow-Headers in preflight response.
My researches point out the api should be configured properly (and not my code) : meaning accepting x-mbx-apikey as a header but the documentation says it is supposed to accept it …
Here is the code, using jquery:
$.ajax({
url: “https://api.binance.com/api/v3/account”,
data: queryString,
type: “GET”,
beforeSend: function(xhr){xhr.setRequestHeader(‘X-MBX-APIKEY’, ‘SECRET’);},
success: function(response) { alert(JSON.stringify(response)); }
});
I suppose I’m doing it correctly because I get a meaningfull error. I also tried other endpoints without signed security needed such as get server timestamp : this is working fine, with the same bit of code but without the setHeader ans without the queryString. Well if anyone can help , you are very welcome 
AND, I can add a different but related example:
When I try to get :
GET /sapi/v1/capital/config/getall (HMAC SHA256)
I get an even more basic error :
Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource
These errors would mean Binance servers are not configured properly but I imagine I wouldn’t be alone asking for help on this so …