Hello @Fernando Martin Gutierrez !
This is most probably related to CORS
https://learn.microsoft.com/en-us/azure/api-management/cors-policy
From Google’s announcement: “strict-origin-when-cross-origin offers more privacy. With this policy, only the origin is sent in the Referer header of cross-origin requests. This prevents leaks of private data that may be accessible from other parts of the full URL such as the path and query string.”
Have also a look in this Post
https://stackoverflow.com/questions/67244072/how-configure-azure-api-management-for-cors
I hope this helps!
Kindly mark the answer as Accepted and Upvote in case it helped!
Regards