I get a CORS error because the server is expecting User-Api-Key. I examine the expected headers in the OPTIONS response and that is what it says. There is a similar topic elsewhere on this forum where a user was experiencing this when calling from a javascript app.