Menu
I am working with Azure API Management and have three API's that I need to manage with it. When testing, the GET methods work fine, however the post methods I get the following error:
Origin header was missing or empty and the request was classified as not cross-domain. CORS policy was not applied.
I have searched around and seen a number of issues with CORS and APIM, however I havent seen my specific issue as of yet.
The current configuration of the CORS Policy is
<policies>
<inbound>
<cors>
<allowed-origins>
<origin>*</origin>
</allowed-origins>
<allowed-methods>
<method>GET</method>
<method>POST</method>
</allowed-methods>
</cors>
</inbound>
<backend>
<forward-request />
</backend>
<outbound />
<on-error />
</policies>
I have looked for answers in the following places :
https://learn.microsoft.com/en-us/azure/api-management/api-management-cross-domain-policies
Azure API Management CORS: Why do I get "Headers starting with 'Access-Control-' were removed..."
https://briancaos.wordpress.com/2018/04/05/azure-api-management-configure-cors-in-the-policy/
The questions I have are 1. How do I need to shape my CORS policy, 2. Do I need to add anything in to the API Startup.cs or config files to handle CORS too?
Thanks?
996
As of end of 2020, besides the option to configure this through an XML policy, as stated in the docs, there is now also a visual way to configure this in the Azure Portal.
That should cover the "how to shape your policy" part of your question. It is even possible to apply a policy, like CORS, globally to all API's.
160
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
