Issue in custom build App through API

Dear All,

While we are trying to pull the project data to the custom build App through API, we are getting a bellow error. We are using forge bridge for the same , with a react app.

While we know that there are 2 options to do this:

  1. Using the api from @forge/api
  2. Using the axios and passing the accessToken via headers
    both results in the same error. We are sure that the API calls are indeed made on the client side as well.

Example of the api function :

const fetchProjects = () => {
axios.get(`https://*****${boardId}/project`, {
  headers: {
    'Authorization': `Bearer ${accessToken}`,
    'Accept': 'application/json'
  .then(response => {
    // Handle the API response here
    console.log("projects data" ,;
  .catch(error => {
    // Handle errors here

We have also added the follow meta data in the index.html page of the react application.

	<meta http-equiv="Content-Security-Policy" content="default-src gap://ready file://* *; style-src 'self' http://* https://* 'unsafe-inline'; script-src 'self' http://* https://* 'unsafe-inline' 'unsafe-eval'">

Did anyone faced similar issues, kindly guide us to resolve the issues.

Thanks in Advance.

Error :

Refused to connect to 'https://******' because it violates the following Content Security Policy directive: "connect-src 'self