×
Claude’s API Now Supports CORS Requests
Written by
Published on
Join our daily newsletter for breaking news, product launches and deals, research breakdowns, and other industry-leading AI coverage
Join Now

Anthropic enables CORS support for Claude API: Anthropic has introduced CORS support for their JSON APIs, allowing developers to make direct calls to Claude language models from client-side applications.

  • The new feature was quietly introduced through a pull request in the Anthropic TypeScript SDK, enabling browser-based usage of the API.
  • Developers can now add the HTTP request header “anthropic-dangerous-direct-browser-access: true” to enable CORS support for the Anthropic API.

Significance and potential use cases: This update opens up new possibilities for browser-based applications while also presenting potential security considerations.

  • The feature is particularly useful for internal tools exposed to trusted users or applications implementing a “bring your own API key” pattern.
  • It eliminates the need for server-side proxies, simplifying the architecture of some web applications.
  • However, Anthropic had previously been cautious about implementing this feature due to the risk of API key exposure in client-side code.

Practical application example: One developer demonstrated the new functionality through a personal project that leverages the CORS support.

  • The developer’s “Haiku” web application, which uses Claude to generate haikus from webcam photos, has been updated to use the new direct API access.
  • Previously, the app required a custom proxy to add CORS support, but it can now communicate directly with Anthropic’s API.

AI assistance in implementation: Interestingly, the developer used Claude itself to modify the application code for the new API access.

  • Initially, Claude advised against making direct API calls from a browser due to security concerns.
  • After the developer explained the new recommendation from Anthropic, Claude proceeded to make the necessary code modifications.

Code snippet for implementation: A simplified JavaScript example illustrates how to use the new CORS support in browser-based applications.

  • The code demonstrates how to make a POST request to the Anthropic API using the new header.
  • It includes setting the appropriate headers, structuring the request body, and handling the response to display the generated haiku.

Broader implications: This update reflects the evolving landscape of AI API accessibility and integration in web development.

  • The move towards allowing direct browser access to AI APIs could lead to more interactive and responsive AI-powered web applications.
  • However, it also underscores the ongoing balance between convenience and security in API design, highlighting the need for developers to carefully consider the implications of client-side API access in their applications.
Claude’s API now supports CORS requests, enabling client-side applications

Recent News

Black tech workers confront AI bias at AfroTech conference

Growing concerns over job security and AI's impact take center stage as 37,500 Black tech professionals gather to navigate industry upheaval.

How OpenAI tests its large language models

OpenAI combines human experts and automated testing systems to catch harmful AI behaviors before public deployment.

NVIDIA and Microsoft unveil AI breakthroughs at Ignite event

Microsoft and Nvidia introduce tools and infrastructure to help businesses deploy AI applications more easily, both in data centers and on personal computers.