Glossary

Cross-origin request

Cross-origin request — a term used across the Credicorp developer documentation, defined here for engineers integrating the public /public/v1 API.

2 min read

origin diffWhat triggers it
server-sideNo CORS there

What it is

A cross-origin request is one where the calling page’s origin — its scheme, host and port — differs from the API’s. Browsers restrict what JavaScript can do with cross-origin responses via CORS.

In the Credicorp API

Server-to-server calls are not subject to CORS, which is one reason the Credicorp public write endpoints are designed to be called from a trusted server-side client rather than the browser. Reads are simpler, but heavy browser use should still go through your own cache/proxy.

Frequently asked questions

Are server-to-server calls affected by CORS?

No. CORS is a browser mechanism. A server-side call to the public API is not constrained by it.

Funding for UK limited companies

Credicorp lends to your company, not to you personally — short-term working capital with no personal guarantee. See what your business could access.