How to set include cookie in apollo studio sandbox

I created my server to use authentication with cookies. And when I try to include cookies in the apollo sandbox setting, The browser console log the following errors.

Access to fetch at 'http://localhost:4050/graphql' from origin '' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

I use apollo-server-express and here is my cors option.

const corsOptions = {
  origin: "",
  credentials: true,  
const app = express()


I don’t know how to solve this problem. It seems like I have presented my server response as

Access-Control-Allow-Credentials: true

to the Studio but why it always giving the errors.

Thank you in advance


Hi there :wave:

Could you please check the network tab to see if responses from the server do in fact contain the headers?

My guess is the configuration didn’t take effect for some reason

Wonder if you could push to a repo, I wouldn’t mind pulling and poking :slight_smile:

Were you able to resolve this? I am havnig the same issue.

This stackoverflow reply helped me in a similar case. Turns out that the apollo server overrides the app’s CORS options unless explicitly instructed not to do so: