Table Of Contents

Sending a Credentialed Cross-Origin HTTP Request

Last Modified: November 16, 2020

Enable credentials in your WebVI, such as including and storing HTTP cookies, adding HTTP Authorization headers, or permitting TLS client certificates to interact with a web service.

In addition to configuring a web service to support cross-origin credentialed requests, configure the client handle to include credentials during a CORS requests.


Same-origin requests do not have to perform CORS configuration on the client handle of a WebVI to include credentials in a request. During a same-origin request the result of using the Configure CORS node is ignored.

What to Use

What to Do

Create the following diagram to send a credentialed cross-origin HTTP request.

Customize the gray sections for your unique programming goals.

Open HTTP Handle creates a client handle that preserves the headers you want to add to HTTP requests the application sends.
Configure CORS adds configuration information, such as whether credentials should be included in CORS requests, to the client handle.
Configure the HTTP node to access resources for your application.

Close HTTP Handle closes the client handle and deletes any authentication credentials and HTTP headers associated with the handle.


The browser cache independently stores and manages cookies a credentialed CORS request or same-origin request creates. Closing the client handle does not affect the cookies in the browser cache.


Some servers may require that your application not include credentials with a cross-origin HTTP request. If the server you send requests to responds with the Access-Control-Allow-Origin header set to *, the wildcard value, the HTTP request fails with a CORS configuration error. To resolve the error, set the include credentials during CORS input of Configure CORS to False. To enable credentialed access for a LabVIEW Web Service, see Configure a LabVIEW Web Service CORS for Credentialed Access.

Recently Viewed Topics