Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://myapop-test.apigee.net/csa-api/postNewItem. (Reason: CORS header 'Access-Control-Allow-Origin' missing) Using Javascript, I’m getting this error when I send a call to my api using the following: ajax.setRequestHeader("Content-Type", "application/json;charset=UTF-8") ajax.setRequestHeader('Access-Control-Allow-Headers', '*'); The best conclusion I have found is that I have to setup some kind of policy in Apigee to allow my server to make calls to the API. My API is written in Node.js. Is there any videos or step-by-step links that will help me figure out the problem? I’m really stuck and this is my first attempt at building an API, so I feel lost trying to track down the issue.