CORS between static website and Apim
![](https://techprofile.blob.core.windows.net/images/ZldwGy4230isfpKHiCrK9A.png?8DB291)
Mellani, Roberto
1
Reputation point
try to call an Api method exposed on Azure Apim from a static Web Site
configured apim policy like this:
<policies>
<inbound>
<cors>
<allowed-origins>
<origin>{https://url_of_staticWebApp}</origin>
<origin>http://localhost:8001</origin>
</allowed-origins>
<allowed-methods preflight-result-max-age="300">
<method>*</method>
</allowed-methods>
<allowed-headers>
<header>*</header>
</allowed-headers>
<expose-headers>
<header>*</header>
</expose-headers>
</cors>
</inbound>
<backend>
<forward-request />
</backend>
<outbound />
<on-error />
</policies>
i also tried to set global header inside staticwebapp.config.json like:
"globalHeaders": {
"Access-Control-Allow-Origin": "*",
"Access-Control-Allow-Methods": "GET, POST, OPTIONS",
},
i cannot obtain any different result apart from a fault preflight and a CORS ERROR in get method.
any custom header here, just a simple get