I’m building a Chrome extension that uses the Genesys Cloud Implicit Grant flow. The extension successfully acquires an OAuth token, but when it calls the /api/v2/conversations/calls endpoint, the request is blocked by CORS. It looks like Genesys Cloud isn’t returning Access-Control-Allow-Origin for my extension’s origin (chrome-extension://<EXTENSION_ID> or https://${EXTENSION_ID}.chromiumapp.org/).
The same code works fine from a regular HTTPS domain, so I know my payload is valid and my credentials/scopes are correct. Is there a recommended way to configure Genesys Cloud (or the OAuth client) so that calls from a Chrome extension are allowed? Any best practices for enabling Access-Control-Allow-Origin for a chrome-extension:// or https://${EXTENSION_ID}.chromiumapp.org/ origin would be greatly appreciated.