Access confluence page content using REST API in Flutter using Dart

Hello all, I am new to web development and I am currently facing some issues regarding access to the content of my confluence page using REST API calls in Flutter. Whenever I try to make the call, I get back the error ‘XMLHTTPRequesterror’ and when I inspect my console it tells me that there is a CORS rule not permitting the access. So I wish to know more and how I can proceed. Below I provide my code which works in Postman

and the error message.

class ContainerTitleApi extends StatefulWidget {
  _ContainerTitleApiState createState() => _ContainerTitleApiState();

class _ContainerTitleApiState extends State<ContainerTitleApi> {
  Widget build(BuildContext context) {
    return  Center(
            child: FutureBuilder<Post>(
            future: fetchPost(),
            builder: (context, snapshot) {
            if (snapshot.hasData) {
             return Text("${}");
            } else if (snapshot.hasError) {
              return Text("${snapshot.error}");
            // By default, show a loading spinner.
            return CircularProgressIndicator();

class Post {
  final String title;


  factory Post.fromJson(Map<String, dynamic> json) {
    return Post(
      title: json['title'],

Future<Post> fetchPost() async {
  var headers = {
    'Authorization': 'Basic *********'
  var request = http.Request('GET', Uri.parse(''));


  http.StreamedResponse response = await request.send();

  if (response.statusCode == 200) {
    return Post.fromJson(json.decode(;
  else {
    throw Exception(response.reasonPhrase);

Are you creating a Connect app?

In that case, please see these instructions:

@leticiahamvegam welcome to the Atlassian developer community.

Regardless of the unique Flutter and Dart approach (at least from what I’ve seen here), you are probably just hitting plain old CORS policy, tripping the XSRF check. See XSRF check failed when calling Cloud APIs as a support FAQ. In short summary, you’ll have to pass X-Atlassian-Token: no-check as an HTTP header. But you should read the relevant docs because of the potential of opening a security hole on your Confluence instance.

Thank you for the reply. But I am trying to make a normal REST API call but CORS is not accepting

Thank you for the reply. I have tried applying the suggested solution in the resource but unfortunately I still get the same error.

According to your screenshot. this is because you are running Flutter Web. You can use a CORS proxy if you absolute want to call the JIRA API from the browser. Or you can build a small API running on you preferred cloud provider and call you API from Flutter.

1 Like

@leticiahamvegam Try to run your application using flutter run -d chrome --web-renderer html . By default, Flutter renders as CanvasKit and it won’t allow you to access the content from another server (CORS policy).

Hello @leticiahamvegam. Finally you were able to solve your problem ?. I have the same problem.