Hello @katsukichi
Apologies in the delay in response.
I understand that you would like to know how to apply multiple CORS rules at once in Azure Front Door.
I suggested you set the Access-Control-Allow-Origin header to wildcard (*).
You can add multiple origins in the same rule by clicking on the edit option of the header value and add all your origins to a single rule and then set the Access-Control-Allow-Origin header to wildcard (*) as below:
As mentioned in the below doc, CORS on Azure Front Door will work automatically with no extra configuration when the Access-Control-Allow-Origin header is set to wildcard (*).
However, you had doubts regarding this configuration as you have AAD authentication configured on your app service and wanted to know if it is possible to set such CORS rule as a wildcard.
I discussed this setup with the Azure Front Door Product Group team, and they mentioned the below:
We don’t anticipate any issues with the customer using the wildcard override for the Access-Control-Allow-Origin header.
Note: If the customer adds a new CORS origin after setting up the initial rule, they will need to purge the endpoint cache to reload the header for the new CORS origin.
So, you should be able to set the Access-Control-Allow-Origin header to wildcard (*) for your setup to apply multiple CORS rules at once in Azure Front Door.
Kindly let us know if the above helps or you need further assistance on this issue.
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.