CORS Configuration for Browser-Based Access

Chroma JS package allows you to use Chroma in your browser-based SPA application. This is great, but that means that you’ll need to configure Chroma to work with your browser to avoid CORS issues.

Setting up Chroma for Browser-Based Access

To allow browsers to directly access your Chroma instance you’ll need to configure the CHROMA_SERVER_CORS_ALLOW_ORIGINS. The CHROMA_SERVER_CORS_ALLOW_ORIGINS environment variable controls the hosts which are allowed to access your Chroma instance.

Note

The CHROMA_SERVER_CORS_ALLOW_ORIGINS environment variable is a list of strings. Each string is a URL that is allowed to access your Chroma instance. If you want to allow all hosts to access your Chroma instance, you can set CHROMA_SERVER_CORS_ALLOW_ORIGINS to ["*"]. This is not recommended for production environments.

The below examples assume that your web app is running on http://localhost:3000. You can find an example of NextJS and Langchain here.

Using Chroma run:

  1. export CHROMA_SERVER_CORS_ALLOW_ORIGINS='["http://localhost:3000"]'
  2. chroma run --path /path/to/chroma-data

Or with docker:

  1. docker run -e CHROMA_SERVER_CORS_ALLOW_ORIGINS='["http://localhost:3000"]' -v /path/to/chroma-data:/chroma/chroma -p 8000:8000 chromadb/chroma

Or in your docker-compose.yml:

  1. version: '3.9'
  2. networks:
  3. net:
  4. driver: bridge
  5. services:
  6. server:
  7. image: chromadb/chroma:0.5.0
  8. volumes:
  9. # Be aware that indexed data are located in "/chroma/chroma/"
  10. # Default configuration for persist_directory in chromadb/config.py
  11. # Read more about deployments: https://docs.trychroma.com/deployment
  12. - chroma-data:/chroma/chroma
  13. command: "--workers 1 --host 0.0.0.0 --port 8000 --proxy-headers --log-config chromadb/log_config.yml --timeout-keep-alive 30"
  14. environment:
  15. - IS_PERSISTENT=TRUE
  16. - CHROMA_SERVER_AUTH_PROVIDER=${CHROMA_SERVER_AUTH_PROVIDER}
  17. - CHROMA_SERVER_AUTHN_CREDENTIALS_FILE=${CHROMA_SERVER_AUTHN_CREDENTIALS_FILE}
  18. - CHROMA_SERVER_AUTHN_CREDENTIALS=${CHROMA_SERVER_AUTHN_CREDENTIALS}
  19. - CHROMA_AUTH_TOKEN_TRANSPORT_HEADER=${CHROMA_AUTH_TOKEN_TRANSPORT_HEADER}
  20. - PERSIST_DIRECTORY=${PERSIST_DIRECTORY:-/chroma/chroma}
  21. - CHROMA_OTEL_EXPORTER_ENDPOINT=${CHROMA_OTEL_EXPORTER_ENDPOINT}
  22. - CHROMA_OTEL_EXPORTER_HEADERS=${CHROMA_OTEL_EXPORTER_HEADERS}
  23. - CHROMA_OTEL_SERVICE_NAME=${CHROMA_OTEL_SERVICE_NAME}
  24. - CHROMA_OTEL_GRANULARITY=${CHROMA_OTEL_GRANULARITY}
  25. - CHROMA_SERVER_NOFILE=${CHROMA_SERVER_NOFILE}
  26. - CHROMA_SERVER_CORS_ALLOW_ORIGINS=["http://localhost:3000"]
  27. restart: unless-stopped # possible values are: "no", always", "on-failure", "unless-stopped"
  28. ports:
  29. - "8000:8000"
  30. healthcheck:
  31. # Adjust below to match your container port
  32. test: [ "CMD", "curl", "-f", "http://localhost:8000/api/v1/heartbeat" ]
  33. interval: 30s
  34. timeout: 10s
  35. retries: 3
  36. networks:
  37. - net
  38. volumes:
  39. chroma-data:
  40. driver: local

Run docker compose up to start your Chroma instance.

April 29, 2024