Issue with Refresh Token using the API

So I have the auth process working in my app, with RPM users entering an email address to receive a code, which is then sent via /api/auth/login, and all is working as expected. The issue I'm seeing is that the subsequent request to /api/auth/refresh after the login token expires is giving me CORS errors. I'm passing the following object in the message body:

body: {
  data: {
    token: token,
    refreshToken: refreshToken
  }
}

and using the POST method. I'm also including the X-API-KEY in the headers with a content type of application/json. All other requests formatted the same way to the auth endpoints are working without issue, so I guess in theory this should also work, but again I get blocked by CORS. Am I missing something?

Any help greatly appreciated.