CORS issue while fetching users on frontend


Can anyone help me with my problem regarding fetching users on the frontend. I wanted the frontend to fetch the users using public client. While login redirect works and loaduserinfo works (keycloak-js adapter), when i try to fetch users from the REST Api it showing me CORS error.

has been blocked by CORS policy: Request header field access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response.

I’ve added manager-users, view-users, query-users from real-management to my user role. Set my web origins to * and setup valid redirect path to my frontend app. My client is public. All in local just for dev purposes.

Can anyone help what i have to do else or configure something else. Some post/example is showing grant_type=password but its not advised by keycloak.