Syncplicity Support

Search our knowledgebase to get the help you need, today


Unable to list, upload and download files in SVA-protected folders

Users can login to MySite with an SSO account credentials but cannot list, upload, download files because SV Authentication on the StorageVault is failing.

The authentication fails by default when MY Site and Storage Connector are located in different domains.


In the my.syncplicity site, users are unable to browse shared folders that are hosted оn StorageVaults with authentication (SVA) and cannot upload files to them.

The Developer tools Console of the browser displays an exception error related to CORS policy. 

Access to XMLHttpRequest at <folder and server name> from origin <domain name> has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested source.



In Storage Connector 2.22.x, the Access-Control-Allow-Origin header is defined in property in file /etc/syncp-storage/syncp-storage.conf that is located in the Storage Connector virtual appliance.

The default value https://* for property contains a wildcard that is not properly interpreted. As a result, the Access-Control-Allow-Origin header is treated as invalid and the access control check fails.

Therefore, users cannot execute any operations on an SVA-protected StorageVault when My Site and Storage Connector are not in the same domain.


Remove the default value for property and do not use values that contain wildcards.

  1. On the Storage Connector virtual appliance, open file  for editing.
    To edit in vi editor, run the following command:
  2. Locate the property and verify that its value does not contain wildcards.
    The property type is semi-colon delimited. List all domains that you want to include for cross-domain resource sharing in StorageVaults with authentication.
    For example,;;;;



Powered by Zendesk