I have this code running in the browser
<html>
<script type="module">
console.log("working");
var url = "https://slack.com/api/chat.postMessage";
var auth_token = "xoxb-2B"; //Your Bot's auth token
var body = {channel: "ses", text: "testing app"}
async function postData(url = '', data = {}) {
// Default options are marked with *
const response = await fetch(url, {
method: 'POST', // *GET, POST, PUT, DELETE, etc.
headers: {
"Authorization": "Bearer " + auth_token,
"Content-Type" : "application/json"
},
body: JSON.stringify(data) // body data type must match "Content-Type" header
});
return response.json(); // parses JSON response into native JavaScript objects
}
postData('https://slack.com/api/chat.postMessage', body)
.then(data => {
console.log(data); // JSON data parsed by `data.json()` call
});
</script>
</html>
I’m getting
Access to fetch at ‘https://slack.com/api/chat.postMessage’ from origin ‘http://127.0.0.1:5500’ has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.
I don’t understand, I need to specify the bearer token somehow, even in the docs it says to put it in the Authorization header, why aren’t they allowing it?