Simple JavaScript requests

GET request including credentials


A cross-origin request can be configured to include credentials.

Add credentials: 'include' to the JavaScript fetch call, to send or receive cookies.

fetch(requestURL, {
    credentials: 'include',

The response must include the Access-Control-Allow-Credentials header with a value of true.


  1. Hit green button below and verify “You are authorized!” response returned successfully
  2. Observe difference between source and request origins, confirming cross-origin request
View source on GitHub | Created by Tom Gregory