CORS between static website and Apim

Mellani, Roberto 1 Reputation point
2021-12-14T21:34:22.103+00:00

try to call an Api method exposed on Azure Apim from a static Web Site
configured apim policy like this:

<policies>
    <inbound>
        <cors>
            <allowed-origins>
                <origin>{https://url_of_staticWebApp}</origin>
                <origin>http://localhost:8001</origin>
            </allowed-origins>
            <allowed-methods preflight-result-max-age="300">
                <method>*</method>
            </allowed-methods>
            <allowed-headers>
                <header>*</header>
            </allowed-headers>
            <expose-headers>
                <header>*</header>
            </expose-headers>
        </cors>
    </inbound>
    <backend>
        <forward-request />
    </backend>
    <outbound />
    <on-error />
</policies>

i also tried to set global header inside staticwebapp.config.json like:

"globalHeaders": {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET, POST, OPTIONS",
},

i cannot obtain any different result apart from a fault preflight and a CORS ERROR in get method.
any custom header here, just a simple get

Azure API Management
Azure API Management
An Azure service that provides a hybrid, multi-cloud management platform for APIs.
1,663 questions
Azure Static Web Apps
Azure Static Web Apps
An Azure service that provides streamlined full-stack web app development.
704 questions
{count} votes