Error: Cross-Origin Request Blocked
Accessing ArcGIS Server services via ArcGIS Server REST Directory fails and returns the following error:
Error: Cross-Origin Request Blocked:The Same Origin Policy disallows reading the remote resource at https://<FQDN>/portal/sharing/generateToken?request=getToken&serverURL<etc.>
The Fully Qualified Domain Name (FQDN) is listed under the Allow Origins settings in Portal for ArcGIS. The domain listed in the settings must match the exact request sent from the browser. Portal for ArcGIS does not allow access to the browser if a mismatch exists. The following image shows an FQDN listed under the Allow Origins settings in the Portal for ArcGIS settings page.
Solution or Workaround
Remove the FQDN listed under the Allow Origins settings. The following instructions describe how to do this.
Note: The steps below are only possible using a Portal for ArcGIS administrator account.
- Login to the Portal for ArcGIS Home page using an administrator account.
- On the Portal for ArcGIS Home page, click Organization.
- On the Organization page, click EDIT SETTINGS.
- On the settings page, click Security.
- On the Security settings page, scroll to Allow Origins. Click the red x symbol to remove the desired FQDN listed under the Allow Origins settings.