Cross-Origin Resource Sharing (CORS) Policy is a mechanism which allows restriction to domain access. Domains configured by the User is only accessible.
provides a path for the BROWSER and the SERVER to interact with each other, to determine whether it is safe to
provide access to the Cross-Origin Request.
Each policy requires certain configuration, which will allow to configure the policy for a particular API endpoint. Below are the list of configurations required for this policy.
The rules and setup needs to be made accordingly.
|Name||Description||Is Mandatory||Default Value|
|CORS Policy||This inbound policy provides two options
Sequence & Domain List
|Sequence||In which order of your policies applied, you want this policy to run||No||Not Applicable|
|Domain List||You need to specify the List of the Domains, you want CORS to accept.||No||Not Applicable|
The policy can be applied only at inbound section.
Currently the policy can be applied at API Version Scope only.