CORS Error in DELETE REST hosted in Azure API gateway

Question

I am getting the following errors in the browser when trying to call a DELETE REST API hosted in Azure API Gateway and Azure function. All other API requests (GET, POST) are working fine.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://xxxx.azure-api.net/Lookup/a03aebd1c. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://xxxxx.azure-api.net/Lookup/a03aebd1c. (Reason: CORS request did not succeed).

The Azure API gateway CORS configuration is

<policies>
<inbound>
    <base />
    <cors>
        <allowed-origins>
            <origin>https://xxxx.z13.web.core.windows.net</origin>
        </allowed-origins>
        <allowed-methods>
            <method>GET</method>
            <method>POST</method>
            <method>DELETE</method>
            <method>OPTIONS</method>
        </allowed-methods>
    </cors>
</inbound>
<backend>
    <base />
</backend>
<outbound>
    <base />
</outbound>
<on-error>
    <base />
</on-error>

Any Advice on how to fix this issue?

Emad Gabriel Emad Gabriel · Accepted Answer · 2020-09-18T13:40:12

The issue turned out that the CORS in global scope was set to only accept GET and POST. when I added DELETE to the global scope it worked. more details about scopes at:https://docs.microsoft.com/en-us/azure/api-management/set-edit-policies

CORS Error in DELETE REST hosted in Azure API gateway

1 Answers