Adding extra headers to algolia client causes CORS error

Hi, I am trying to add an additional header as described in this article but it results in a CORS error:

Access to XMLHttpRequest has been blocked by CORS policy: Request header field x-forwarded-for is not allowed by Access-Control-Allow-Headers in preflight response.

This is what my code looks like:

algoliasearch(env.ALGOLIA_APP_ID, window.ALGOLIA_SEARCH_KEY, {
    headers: {
        ‘X-Forwarded-For’ = ‘AN IP ADDRESS’

The X-Forwarded-For header is meant for backend / node, what’s the reason you are sending it from a browser environment?

Which method do you get this error with?

I’m trying to use this for analytics purposes. We want to distinguish users who may or may not be logged in, so we don’t necessarily have user-specific info to user for a user token header.

Have you considered analyticsTags for that ( Or userToken (

In the case of userToken, what types of identifiers might people use? In my case, the user might not be logged in so I won’t always have a user ID to use as a userToken (hence the original idea of using IP).

in the search-insights client we create a random identifier and save it in the cookies:

Ah, thank you! That’s what I needed.