Failed to fetch localhost OpenAPI spec

I’m developing a plugin locally, but keep being met with:

Failed to fetch localhost OpenAPI spec.

In my manifest, the api url is (added a space after // due to link blocking):

http:// localhost:8000/static/openapi.yaml

Which I can access perfectly fine via the browser. My logs from below are showing OPTIONS requests, followed by GET requests which returns a 304 for the manifest, and a 200 for the OpenAPI spec. So not sure why ChatGPT is telling me it failed to fetch it given the 200 response:

INFO: - "OPTIONS /.well-known/ai-plugin.json HTTP/1.1" 400 Bad Request
INFO: - "GET /ai-plugin.json HTTP/1.1" 304 Not Modified
INFO: - "OPTIONS /static/openapi.yaml HTTP/1.1" 400 Bad Request
INFO: - "GET /openapi.yaml HTTP/1.1" 200 OK

Anyone else had a similar issue?

Hi Jack,

Welcome! Not sure if you’re having the same problem as I did initially but I saw this until I enabled CORS on my local server. Check your server docs for how to enable CORS and specifically this response header:

access-control-allow-origin: *


While I agree that you should try as @rwaldin suggest you should also try the quickstart example, AKA TODO example, as a test. If that fails then the problem is more likely with network than code.

Also if that does work and your code still fails then try modifying the quickstart example a piece at a time and verifying it works after each modification until it is transformed into your plugin.

@EricGT @rwaldin Thank you for your responses. On CORS, I had already taken care of this and specifically whitelisted chat. openai .com (http and https). If I hadn’t, I believe I would have had an error regarding the manifest file itself instead. Also, I am already testing the suggested TODO example.

However, after coming back a couple hours after I made this post, it seems to have resolved, and ChatGPT can now locate my OpenAPI definition, despite me making no changes. Rather odd, assuming this might be the result of session-based data in the browser. Will investigate further if this comes up again.

After testing the plugin, and running into some errors, it does appear CORS was the issue. I need to allow all origins rather than a whitelist.

However, I would have assumed allowing chat. openai. com (again added the spaces due to link blocking) would have allowed all the requests? What other potential origins are there for these requests? From my developer console, it seems the https version of the URL I’ve just specified is the one that is failing, which I’ve already whitelisted in FastAPI.

1 Like

Glad you resolved your problem. You should be able to see an origin request header in the api request if you still want to whitelist but I haven’t looked. You don’t need any CORS headers for deployed plugins so I’m happy to use * for my localhost environment which is unlikely to see any requests except from the local openai browser context.

Can you share you code for your fix? I’m building a FastAPI plugin and facing the same problem.