CORS Configuration for Browser-Based Access

Chroma JS package allows you to use Chroma in your browser-based SPA application. This is great, but that means that you’ll need to configure Chroma to work with your browser to avoid CORS issues.

Setting up Chroma for Browser-Based Access

To allow browsers to directly access your Chroma instance you’ll need to configure the CHROMA_SERVER_CORS_ALLOW_ORIGINS. The CHROMA_SERVER_CORS_ALLOW_ORIGINS environment variable controls the hosts which are allowed to access your Chroma instance.

Note

The CHROMA_SERVER_CORS_ALLOW_ORIGINS environment variable is a list of strings. Each string is a URL that is allowed to access your Chroma instance. If you want to allow all hosts to access your Chroma instance, you can set CHROMA_SERVER_CORS_ALLOW_ORIGINS to ["*"]. This is not recommended for production environments.

The below examples assume that your web app is running on http://localhost:3000. You can find an example of NextJS and Langchain here.

Using Chroma run:

  1. export CHROMA_SERVER_CORS_ALLOW_ORIGINS='["http://localhost:3000"]'
  2. chroma run --path /path/to/chroma-data

Or with docker:

  1. docker run -e CHROMA_SERVER_CORS_ALLOW_ORIGINS='["http://localhost:3000"]' -v /path/to/chroma-data:/chroma/chroma -p 8000:8000 chromadb/chroma

Or in your docker-compose.yml:

  1. version: '3.9'
  3. networks:
  4.   net:
  5.     driver: bridge
  7. services:
  8.   server:
  9.     image: chromadb/chroma:0.5.0
  10.     volumes:
  11.       # Be aware that indexed data are located in "/chroma/chroma/"
  12.       # Default configuration for persist_directory in chromadb/config.py
  13.       # Read more about deployments: https://docs.trychroma.com/deployment
  14.       - chroma-data:/chroma/chroma
  15.     command: "--workers 1 --host 0.0.0.0 --port 8000 --proxy-headers --log-config chromadb/log_config.yml --timeout-keep-alive 30"
  16.     environment:
  17.       - IS_PERSISTENT=TRUE
  18.       - CHROMA_SERVER_AUTH_PROVIDER=${CHROMA_SERVER_AUTH_PROVIDER}
  19.       - CHROMA_SERVER_AUTHN_CREDENTIALS_FILE=${CHROMA_SERVER_AUTHN_CREDENTIALS_FILE}
  20.       - CHROMA_SERVER_AUTHN_CREDENTIALS=${CHROMA_SERVER_AUTHN_CREDENTIALS}
  21.       - CHROMA_AUTH_TOKEN_TRANSPORT_HEADER=${CHROMA_AUTH_TOKEN_TRANSPORT_HEADER}
  22.       - PERSIST_DIRECTORY=${PERSIST_DIRECTORY:-/chroma/chroma}
  23.       - CHROMA_OTEL_EXPORTER_ENDPOINT=${CHROMA_OTEL_EXPORTER_ENDPOINT}
  24.       - CHROMA_OTEL_EXPORTER_HEADERS=${CHROMA_OTEL_EXPORTER_HEADERS}
  25.       - CHROMA_OTEL_SERVICE_NAME=${CHROMA_OTEL_SERVICE_NAME}
  26.       - CHROMA_OTEL_GRANULARITY=${CHROMA_OTEL_GRANULARITY}
  27.       - CHROMA_SERVER_NOFILE=${CHROMA_SERVER_NOFILE}
  28.       - CHROMA_SERVER_CORS_ALLOW_ORIGINS=["http://localhost:3000"]
  29.     restart: unless-stopped # possible values are: "no", always", "on-failure", "unless-stopped"
  30.     ports:
  31.       - "8000:8000"
  32.     healthcheck:
  33.       # Adjust below to match your container port
  34.       test: [ "CMD", "curl", "-f", "http://localhost:8000/api/v1/heartbeat" ]
  35.       interval: 30s
  36.       timeout: 10s
  37.       retries: 3
  38.     networks:
  39.       - net
  41. volumes:
  42.   chroma-data:
  43.     driver: local

Run docker compose up to start your Chroma instance.

April 29, 2024