Is it possible to access the API running on the local link address?

Zoom Apps
1

Zoom Apps Configuration

I am creating an application using Next.js 13.

Description
Details on your question, workflow or the problem you’re trying to solve.

I try to fetch data from the api working on local link address, but it returns cors error.
API server has already added Access-Control-Allow-Origin': '*' to the response header.

      try {
        const res = await fetch("https://169.254.x.x/api/v1.0/data", {
          method: "GET",
          mode: "cors",
        });
        console.log(res.body);
      } catch (err) {
        console.error("Error", err);
      }

Is it possible to access the API running on the local link address from Zoom apps?

2

I received following cors error message.

Access to fetch at 'https://169.254.x.x/api/v1.0/data' from origin 'https://xxx.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
3

Just to make sure that I understand, is the 169.254.x.x IP address the pubic IP of your local machine, an IP that is on your network, or something else?

One of the problems here is that an IP address cannot be covered by an SSL certificate so using HTTPS here won’t work. If that IP points to the server that is serving your frontend then you can simply call the API by using the route that it is at: /api/v1.0/data

Otherwise, you will want to assign a domain to that API and make sure that it can handle CORS requests.

4

Thank you for your replying.

The IP address 169.254.x.x is a self-assigned address called link-local address that is only valid within a local network. It is an address that our products assigns to itself.
There is a REST API server running on that device, and I want to communicate with it.

Since the address is a self-assigned address, it cannot be assigned a domain. In this case, is it still not possible to establish communication?

Furthermore, I am calling an external service that has a domain in order to identify the problem. However, the call is failing. Specifically, I have added randomfox.ca to the domain allow list and I am making a call to https://randomfox.ca/floof/, but the call is failing. When I open the web app from the browser, the call is successful.

5

The following sentence problem was caused by my fault.

Furthermore, I am calling an external service that has a domain in order to identify the problem. However, the call is failing. Specifically, I have added randomfox.ca to the domain allow list and I am making a call to https://randomfox.ca/floof/, but the call is failing. When I open the web app from the browser, the call is successful.

I was able to call https://randomfox.ca/floof/ after adding domain allow lists and reinstalling app.

6

@MaxM

I would appreciate it if you would answer my question.