Merge pull request #114 from NHSDigital/dev/NPA-3922_Cors_Fix

NPA-3922 Update Sandbox CORS response

Author: JackPlowman

proxies/live/apiproxy/policies/AssignMessage.AddCors.xml

@@ -4,7 +4,7 @@
     <Set>
         <Headers>
             <Header name="Access-Control-Allow-Origin">{request.header.origin}</Header>
-            <Header name="Access-Control-Allow-Headers">origin, x-requested-with, accept, content-type, nhsd-session-urid, x-correlation-id, x-request-id</Header>
+            <Header name="Access-Control-Allow-Headers">origin, x-requested-with, accept, content-type, nhsd-session-urid, authorization, x-correlation-id, x-request-id</Header>
             <!--you can add headers here if you want to expose
             <Header name="Access-Control-Expose-Headers">origin, x-requested-with, accept, content-type, nhsd-session-urid, x-my-new-header</Header> -->
             <Header name="Access-Control-Max-Age">3628800</Header>