0
votes

I'm trying to configure my API in Azure APIM so it can be called by the new Azure APIM Developer Portal (still in preview at the moment). When I try to call the API from the dev portal, I have an error telling me that I need to configure CORS to allow a call from the dev portal. I added the CORS policy to my API (with origin=*, for testing purposes) and I still have the same issue. Am I missing something?

3 Answers

2
votes

You may want to adjust it, but this should do the trick:

<cors>
    <allowed-origins>
        <origin>*</origin>
    </allowed-origins>
    <allowed-methods>
        <method>*</method>
    </allowed-methods>
    <allowed-headers>
        <header>*</header>
    </allowed-headers>
    <expose-headers>
        <header>*</header>
    </expose-headers>
</cors>

1
votes

Here is the exact policy that should be applied:

        <cors>
            <allowed-origins>
                <origin>*</origin>
            </allowed-origins>
            <allowed-methods>
                <method>GET</method>
                <method>POST</method>
                <method>PUT</method>
                <method>DELETE</method>
                <method>HEAD</method>
                <method>OPTIONS</method>
                <method>PATCH</method>
                <method>TRACE</method>
            </allowed-methods>
            <allowed-headers>
                <header>*</header>
            </allowed-headers>
            <expose-headers>
                <header>*</header>
            </expose-headers>
        </cors>

Source: https://github.com/Azure/api-management-developer-portal/issues/290#issuecomment-551088484

0
votes

I did this at the all API operations level and had to include the 'Access-Control-Allow-Origin' header.

<cors allow-credentials="true">
    <allowed-origins>
        <origin>*YourDomain*</origin>
    </allowed-origins>
    <allowed-methods>
        <method>GET</method>
        <method>POST</method>
    </allowed-methods>
    <allowed-headers>
        <header>Ocp-Apim-Subscription-Key</header>
        <header>Access-Control-Allow-Origin</header>
        <header>Content-Type</header>
    </allowed-headers>
</cors>
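
An added example, not part of any answer above and not Azure tooling: a small Python check that parses a `<cors>` policy like the ones posted on this page and reports the wide-open settings (wildcard origin, methods or headers, TRACE, a wildcard origin combined with credentials, or an origin that is not in `scheme://host` form) so they can be tightened once testing is done. The function name `audit_cors`, the finding codes and the host `portal.example.com` are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

def _values(cors, section, item):
    """Text of every <item> under <section>, e.g. each <origin> in <allowed-origins>."""
    node = cors.find(section)
    return [] if node is None else [(e.text or "").strip() for e in node.findall(item)]

def audit_cors(policy_xml):
    """Return sorted finding codes for the <cors> element in an APIM policy fragment."""
    root = ET.fromstring(policy_xml)
    cors = root if root.tag == "cors" else root.find(".//cors")
    if cors is None:
        return ["NO_CORS_POLICY"]
    findings = set()
    credentials = cors.get("allow-credentials", "false").lower() == "true"
    for origin in _values(cors, "allowed-origins", "origin"):
        if origin == "*":
            findings.add("WILDCARD_ORIGIN")
            if credentials:
                # Browsers refuse a wildcard origin on credentialed requests.
                findings.add("WILDCARD_ORIGIN_WITH_CREDENTIALS")
            continue
        parsed = urlparse(origin)
        if parsed.scheme not in ("http", "https") or not parsed.netloc or parsed.path:
            findings.add("ORIGIN_NOT_SCHEME_HOST")  # must look like https://host[:port]
    methods = {m.upper() for m in _values(cors, "allowed-methods", "method")}
    if "*" in methods:
        findings.add("WILDCARD_METHODS")
    if "TRACE" in methods:
        findings.add("TRACE_ALLOWED")  # browsers never send TRACE from fetch/XHR
    if "*" in _values(cors, "allowed-headers", "header"):
        findings.add("WILDCARD_ALLOWED_HEADERS")
    if "*" in _values(cors, "expose-headers", "header"):
        findings.add("WILDCARD_EXPOSE_HEADERS")
    return sorted(findings)

# Constructed sample: explicit origin (placeholder host), only the methods and headers in use.
SCOPED_POLICY = """
<cors allow-credentials="true">
    <allowed-origins><origin>https://portal.example.com</origin></allowed-origins>
    <allowed-methods><method>GET</method><method>POST</method></allowed-methods>
    <allowed-headers>
        <header>Ocp-Apim-Subscription-Key</header>
        <header>Content-Type</header>
    </allowed-headers>
</cors>
"""

if __name__ == "__main__":
    print(audit_cors(SCOPED_POLICY))
```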