XMLHttpRequest cannot load Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin is therefore not allowed access.
REST API request was sent from a Chrome web browser, where CORS (Cross-Origin Resource Sharing) has been eabled.
The OO REST API has been tested through SOAPUI and get expected result.
Comparing the header message sending from SoapUI, and from Chrome web browser, there were two main difference that I can find:
1. "GET' method was used at SoapUI, while "OPTIONS" was used at Chrome web browser
2. "Authorization: Basic **" header was added at SoapUI.
Snapshot of request header and response header for debuggging was attached.