I have a requirement to call APIGEE OAuth URL to get auth-token from Angular 4 code. We are calling this URL from web browser. When I add authorization header in the GET request, browser automatically adds preflight request. This preflight request is of type OPTIONS and always without Authorization in header. But APIGEE does not accept this request without Authorization header. Is there any way we can skip this preflight call? or any way we can add Authorization header when browser makes preflight call? Is it a valid requirement to have authorization header mandatory in OPTIONS request from APIGEE side? Please suggest if you have any other views. Thanks in Advance.