Cors policy



less than 1 minute read

Cross-Origin Resource Sharing (CORS) Policy is a mechanism which allows restriction to domain access. Domains configured by the User is only accessible. This Policy provides a path for the BROWSER and the SERVER to interact with each other, to determine whether it is safe to provide access to the Cross-Origin Request.

Policy Statement

Each policy requires certain configuration, which will allow to configure the policy for a particular API endpoint. Below are the list of configurations required for this policy.


The rules and setup needs to be made accordingly.

Name Description Is Mandatory Default Value
CORS Policy This inbound policy provides two options
Sequence & Domain List
Yes Not Applicable
Sequence In which order of your policies applied, you want this policy to run No Not Applicable
Domain List You need to specify the List of the Domains, you want CORS to accept. No Not Applicable

Policy Usage

The policy can be applied only at inbound section.


Currently the policy can be applied at API Version Scope only.