Hi Community, I have converted this curl rest

relationtuple='

{

"namespace": "models",

"object": "nermodels",

"relation": "train",

"subject_id": "Aqib"

}'

curl --fail --silent -X PUT \

--data "$relationtuple" \

<http://127.0.0.1:4467/relation-tuples> > /dev/null \

&& echo "Successfully created tuple" \

|| echo "Encountered error"

request into axios one

const relationtuple =

{

"namespace": "models",

"object": "nermodels",

"relation": "train",

"subject_id": "Aqib"

}

axios({

method: "put",

url: '<http://127.0.0.1:4467/relation-tuples>',

// data: formData,

data:relationtuple

})

.then(response => {

console.log(response)

// console.log(typeof(response.data.ner))

})

for sending the request using react js but when i send the request i get cors error i am using this docker-compose https://github.com/gen1us2k/ory_workshop/tree/master/keto file for keto server (edited) I know it is because of different origins, how can i resolve it?

Keto is not secure to expose directly, if you do that a user is able of getting permissions of a different user

ok than how can i access the rest end point using front end framework like React, or i cannot do this?

You need a backend wrapper that ensures the queries are allowed I.e. take the subject from the session instead of allowing the client to specify it

ok than how can i do this i mean which session, the one we get from ory kratos?

Browsers can't use gRPC It depends on how you authenticate your users See this example of how to use oathkeeper and Kratos https://ory-community.slack.com/archives/C01340V8KSM/p1651824896257679?thread_ts=1651824896.257679&cid=C01340V8KSM