CORS

The CORS section defines the CORS policy for your application.

allow_origins: Specifies which origins are allowed.
allow_methods: Lists the HTTP methods allowed.
allow_headers: Headers that are allowed in requests.
expose_headers: Headers that are exposed in responses.
allow_credentials: Indicates whether credentials are supported.
max_age: Specifies the cache duration for preflight requests.

Example

"cors": {
    "allow_origins": [
        "https://example.com",
        "https://example2.com"
    ],
    "allow_methods": [
        "GET",
        "POST",
        "PUT",
        "DELETE"
    ],
    "allow_headers": [
        "Content-Type",
        "Authorization"
    ],
    "expose_headers": [
        "Content-Type",
        "Authorization"
    ],
    "allow_credentials": true,
    "max_age": 86400
}

PreviousAuthorizer NextVariable Mapping

Last updated 8 months ago