CA Live API Creator: CORS error while invoking custom endpoint

book

Article ID: 74937

calendar_today

Updated On:

Products

CA API Gateway (Layer 7) SA94 to API SECURITY STARTER PACK-7 CA Rapid App Security MOBILE API GATEWAY CA Mobile - API Gateway CA API Gateway

Issue/Introduction

When invoking a custom endpoint you may receive the below error:


Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

Environment

Release:
Component: APILAC

Resolution

LAC versions up to 4.0 does not allow for extraneous headers to fully support this type of CORS request.
Starting with LAC 4.1, you have complete flexibility to handle CORS in any way you want. 

https://docops.ca.com/ca-live-api-creator/4-1/en/developing-apis/extensibility/event-handlers/