I am following the steps here to implement browser sign in using Twitter all on the front-end, but looks like CORS is not enabled for that URL.
Is this possible at all? Or should some of the steps in the flow be performed in the backend?
Correct, Twitter does not implement CORS and generally speaking you wouldn’t want to put your app keys etc in a browser front-end, so we’d recommend performing the OAuth handshake on the backend.
Thanks Andy. Was mainly looking to implement the OAuth 2.0 Client-Side Flow, but looks like Twitter only supports the Server-Side Flow.