Chrome and its derivatives are killing the open web.
Do your part, switch to Firefox today!

CORSjang°

Despite repeated requests, Mojang does not make their API available with a CORS header. This makes using their API difficult in browsers, and additionally the absurdly low rate limits make the username API functionally useless for even moderately sized use-cases.

CORSjang fixes both of these issues — it is a frontend to Mojang's APIs on bunny.net's CDN. A CORS header is added to all responses, allowing usage from browsers, and the CDN's variety of IPs and caching makes more APIs actually usable as a bonus.

As of 2025-06-12, we are also deploying mitigations for WEB-7591. See, this service is maintained!! It's not a one-off ghost project!!!!!!!!

Usage

Replace:

api.mojang.com
⮕ corsjangapi.b-cdn.net
api.minecraftservices.com
⮕ corsjangservices.b-cdn.net
sessionserver.mojang.com
⮕ corsjangsessionserver.b-cdn.net

textures.minecraft.net supplies CORS and so is not included. authserver.mojang.com is not included for security. Also I don't think that server does anything useful anymore after the migration? I dunno dude

In the official Minecraft client/server you can pass

-Dminecraft.api.services.host=https://corsjangservices.b-cdn.net
			-Dminecraft.api.account.host=https://corsjangapi.b-cdn.net
			-Dminecraft.api.session.host=https://corsjangsessionserver.b-cdn.net
			-Dminecraft.api.auth.host=https://authserver.mojang.com

as JVM arguments, as of... some version! 1.7? Which should fix the username lookup whitelisting errors.

Terms

Don't cause problems. This service may disappear at any time. No SLA. No warranty.

Worth noting that CORSjang is used by multiple production services.

Privacy

I don't want your data, you can keep it. This service has no backend or source code, it's just a bunny.net pull zone connected to Mojang's APIs. Even this page you're reading right now is served from a bunny.net storage zone. So, you only have to worry about their privacy policy, and bunny.net is a European company that prides themselves on privacy.

Request logs are not enabled, only aggregate statistics. IPs are not stored, they're replaced with 0.0.0.0 by bunny.net. I even go out of my way to erase your IP and user agent from the request made to Mojang.

Who pays for it?

Don't worry about it.

Who made this?

Don't worry about it.

I made it, it was me. No one suspects the cute spinning dolphin.