CORS issues when trying to create users via Softr's API endpoint, in the custom code block.

Hey! I’m trying to create new users on my Softr website (using cutom code block) using the Softr API. I’m attempting to make POST requests to ‘https://studio-api.softr.io/v1/api/users’ directly from my custom code block on my Softr website.

However, I’m running into CORS issues. Even though I’m making the request from my Softr domain to the Softr API, I get this error:

‘Access to fetch at ‘https://studio-api.softr.io/v1/api/users’ from origin ‘https://www.famcareai.com’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.’

Is there a way to somehow bypass those CORS errors? I don’t even understand why I’m getting them, considering the fact that I’m making an API request from my custom domain, to the same domain. (I assumed that I can only get CORS issues if I called this API from another website with another domain). I know I can use platforms like Make, but I wanted to do it directly from my custom code block. Thanks.

Hi there - i’d recommend contacting customer support for this so can get into your app and see what’s going on.

Hey, that’s exactly what I did, but they told me to ask here because they don’t know

I see. Here are some suggestions:

Creating an API token for it means that key has authority to make any changes to your app, it should never be exposed in app itself (e.g. one user could delete another user)

1. Create a workflow somewhere (Zapier, Make, etc.) using Softr API to create a user
2. Format request to for that endpoint via Call API feature or custom code (though make sure to only pass relevant info without auth)
3. That workflow then triggers a call to our backend to create the user via our API.

@evlo_malik This. For context, in the no-code world it is common to encounter CORS issues if you are making API requests client-side because a number of REST APIs only accept requests server-side (e.g., Twitter).

You are getting the error because you are making a call from famcareai.com to softr.io domain. There is no straightforward or recommended way to bypass this – it is there for a reason.

Can you explain what are you trying to do so we can help with an alternative solution?

Hi there, jumping in to see if anybody can help me with something similar,

Last months I was using Zapier as a bridge between Airtable and Softr to do some automations, but I have managed to make almost all of that stuff thru airtable scripts, so instead of calling to zapier from my automation I run a script that does the same, now the only automation I have in Zapier is for creating users in my Softr App.

I thought maybe I could bypass Zapier, and I found this documentation: API Setup and Endpoints – Softr Help Docs and after some experiments I ended with this code:

const softrApiKey = 'xxxxx'; // Replaced with my Softr API key
const softrDomain = 'xxxxx'; // Replaced with my actual Softr domain

// Function to create a user in Softr
async function createSoftrUser(fullName, email, password) {
  const url = 'https://studio-api.softr.io/v1/api/users';
  const body = JSON.stringify({
    full_name: fullName,
    email: email,
    password: password,
    generate_magic_link: true
  });

  console.log('Sending request to Softr with body:', body);

  const response = await fetch(url, {
    method: 'POST',
    headers: {
      'Softr-Api-Key': softrApiKey,
      'Softr-Domain': softrDomain,
      'Content-Type': 'application/json'
    },
    body: body
  });

  const responseData = await response.json();

  if (!response.ok) {
    console.error('Softr API Error:', JSON.stringify(responseData));
    throw new Error(`HTTP error! status: ${response.status}, message: ${JSON.stringify(responseData)}`);
  }

  return responseData;
}

// Function to validate email
function isValidEmail(email) {
  const emailRegex = /^[^\s@]+@[^\s@]+\.[^\s@]+$/;
  return emailRegex.test(email);
}

// Main function to be called by Airtable automation
async function createUserFromAirtable() {
  let config;
  try {
    // Get all input data at once
    config = await input.config();
    
    const fullName = config['Nombre y Apellido'];
    const email = config['Email'];
    const password = config['Password'];

    console.log('Input data:', JSON.stringify({ fullName, email, password: '********' }));

    // Validate input
    if (!fullName || !email || !password) {
      throw new Error('Missing required fields');
    }

    if (!isValidEmail(email)) {
      throw new Error('Invalid email format');
    }

    // Create user in Softr
    const result = await createSoftrUser(fullName, email, password);
    console.log('User created successfully:', JSON.stringify(result));
    
    // Return success message
    output.set('result', 'User created successfully in Softr');
    output.set('softrUserId', result.user_id); // Assuming Softr returns a user_id
  } catch (error) {
    console.error('Error creating user:', error.message);
    
    // Return error message
    output.set('result', 'Error creating user in Softr');
    output.set('errorMessage', error.message);

    // Additional error handling
    if (error.message.includes('400')) {
      output.set('errorType', 'Bad Request');
      if (error.message.includes('email already exists')) {
        output.set('possibleReasons', 'Email is already registered in Softr');
      } else {
        output.set('possibleReasons', 'Email might already be registered, or password doesn\'t meet Softr\'s requirements');
      }
    }
  }
}

// Run the main function
createUserFromAirtable();

and I’m getting the following response:

Screenshot 2025-01-09 at 16.44.221204×1116 106 KB

PS: The reason I’m creating users via API is because I need them to have a custom password created by an Airtable formula. Softr 2-way-sync is now off as it would create the users and give them a password before the zapier automation run.

Thanks in advance,
Best,