Skip to main content
Law4Devs supports cross-origin requests so you can call the API directly from browser applications. CORS is configured at the infrastructure level — no extra setup is needed for most use cases.

Allowed Configuration

PropertyValue
Allowed methodsGET, OPTIONS
Allowed origins*
Allowed headersContent-Type, Authorization, X-API-Key
Preflight cache3600 seconds (1 hour)
The API is read-only — only GET requests are permitted. OPTIONS is allowed for CORS preflight checks.

Browser Example

Never expose your API key in a browser application’s source code or public repository. Use environment variables and server-side proxying for production browser integrations.