Glossary

CORS

CORS — a term used across the Credicorp developer documentation, defined here for engineers integrating the public /public/v1 API.

2 min read

browser ruleCross-origin
edge forwardPreferred for writes

What it is

CORS (cross-origin resource sharing) is the browser mechanism that decides whether JavaScript on one origin may read a response from another. The server signals permitted origins with response headers.

In the Credicorp API

If you call a public endpoint directly from browser JavaScript on your own domain, CORS governs whether the browser lets you read the response. For submissions like consent, the intended pattern is a trusted server-side forward from your edge, which sidesteps CORS entirely and keeps your edge as the trust boundary.

Frequently asked questions

Should I call the consent endpoint from browser JS?

No. Forward it from your server-side edge, which validates the visitor’s banner first and avoids CORS complications. The edge is the trust boundary.

Funding for UK limited companies

Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.