Skip to content

Commit edb6e5e

Browse files
megvanhuygenmegvanhuygen
authored
Merge pull request #107930 from mikebudzynski/apim-cors-azportal
APIM: apply CORS policy in Az portal
2 parents 88c4587 + 7d768b6 commit edb6e5e

File tree

2 files changed

+13
-23
lines changed

2 files changed

+13
-23
lines changed

articles/api-management/api-management-howto-developer-portal.md

Lines changed: 13 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ ms.service: api-management
1212
ms.workload: mobile
1313
ms.tgt_pltfrm: na
1414
ms.topic: article
15-
ms.date: 03/05/2020
15+
ms.date: 03/15/2020
1616
ms.author: apimpm
1717
---
1818

@@ -134,30 +134,20 @@ Most configuration changes (for example, VNet, sign-in and product terms) requir
134134

135135
### <a name="cors"></a> I'm getting a CORS error when using the interactive console
136136

137-
The interactive console makes a client-side API request from the browser. You can resolve the CORS problem by adding [a CORS policy](api-management-cross-domain-policies.md#CORS) on your API(s). You can specify all the parameters manually or use wildcard `*` values. For example:
138-
139-
```XML
140-
<cors allow-credentials="true">
141-
<allowed-origins>
142-
<origin>https://contoso.com</origin>
143-
</allowed-origins>
144-
<allowed-methods preflight-result-max-age="300">
145-
<method>*</method>
146-
</allowed-methods>
147-
<allowed-headers>
148-
<header>*</header>
149-
</allowed-headers>
150-
<expose-headers>
151-
<header>*</header>
152-
</expose-headers>
153-
</cors>
154-
```
137+
The interactive console makes a client-side API request from the browser. Resolve the CORS problem by adding [a CORS policy](api-management-cross-domain-policies.md#CORS) on your API(s).
138+
139+
You can check the status of the CORS policy in the **Portal overview** section of your API Management service in the Azure portal. A warning box indicates an absent or misconfigured policy.
140+
141+
![API Management developer portal](media/api-management-howto-developer-portal/cors-azure-portal.png)
142+
143+
Automatically apply the CORS policy by clicking on the **Enable CORS** button.
155144

156-
Apply the CORS on the global scope to ensure it's enabled for all APIs.
145+
You can also enable CORS manually.
157146

158-
1. Navigate to **All APIs** in the **APIs** section of your API Management service in the Azure portal.
159-
2. Click on the **</>** icon in the **Inbound processing** section.
160-
3. Insert the policy in the **<inbound>** section of the XML file. Make sure the **<origin>** value matches your developer portal's domain.
147+
1. Click on the **Manually apply it on the global level** link to see the generated policy code.
148+
2. Navigate to **All APIs** in the **APIs** section of your API Management service in the Azure portal.
149+
3. Click on the **</>** icon in the **Inbound processing** section.
150+
4. Insert the policy in the **<inbound>** section of the XML file. Make sure the **<origin>** value matches your developer portal's domain.
161151

162152
> [!NOTE]
163153
>

articles/api-management/media/api-management-howto-developer-portal/cors-azure-portal.png

66 KB
Loading

0 commit comments

Comments
 (0)