This is a pretty common error caused by a CORS policy. CORS is a security measure used by browsers and blocks requests coming from a different origin. For example, let's say I built an API which is hosted on api.example.com. If I call the API from an frontend application hosted on book.com, the server is gonna reject the request because it's expecting requests only from example.com.
To stop this error from happening, you can use the cors express middleware available as a NPM package. expressjs.com/en/resources/middleware/cors.html