V2/accounts endpoint not working - new, unexpected, CORS error

I am using the SIWC v2/accounts endpoint and I am getting a CORS error when I try to access this endpoint. This is a new error that I was not getting previously.

Let me give you a history (btw - spoiler alert - this endpoint is not working for me at the moment.)

Originally I was restricting users to sign-in-to-coinbase using their USDC wallet, so when I returned the first account in the list of accounts the v2/accounts endpoint was returning, it was only returning USDC. On Sunday, December 10th, I tried accessing the v2/accounts endpoint and it was returning VeChain information instead. I fixed this problem by calling v2/accounts/USDC.

Yesterday (Thursday December 14th), I was suddenly getting a CORS error when I tried to work with the v2/accounts endpoint or the v2/accounts/usdc endpoint. This is really strange, as I never needed to do anything with CORS before AND the other endpoints I called were working properly. I know that other APIs may give this error if there is a server-side problem.

From other posts, it looks like other users have seen errors related to this endpoint such as intermittent 401s and the v2/accounts endpoint returning the v3/brokerage/accounts data. These issues seem to have started appearing this week. My error is slightly different as I am getting a CORS error. I have even tried running the v3/brokerage/accounts endpoint, I also get the CORS error.

I am listing the error below:

Access to XMLHttpRequest at ‘https://api.coinbase.com/v2/accounts/USDC’ from origin ‘http://localhost:3000’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

(BTW, I tried adding this header, and it doesn’t help.)

If someone can fix this ASAP that would be great. (If my app was live and this happened, this could be a big issue. I was planning on launching in Jan but this may push out the timeline.)

This is a massive problem for anyone’s ability to work with the API as all subsequent calls regarding a specific crypto require the account_id which is returned by these endpoints.

I solved the problem, but it is still a problem. I got around this error by sending the request from the server instead of the client, but it is unfortunate that the functionality of the API changed. I was able to send requests from the client for well over a year before I wasn’t able to…now I am only able to send requests for certain api calls from the server.

Meaning, some API calls ban me from making the request from the client, while others do not. Again…not sure why the functionality changed.