Add CORS configuration
| The following content applies to the ForgeRock JavaScript SDK. |
-
Log in to the AM admin UI as an administrator.
-
At the top of the page, select Configure > Global Services.
-
Click CORS Service.
-
Click Secondary Configurations.
-
Click Add a Secondary Configuration.
-
Fill out the fields so as per the following example, and click Create.
Property Value(s) Name
sdk-tutorialAccepted Origins
https://sdkapp.example.com:8443Accepted Methods
GET,POSTAccepted Headers
Content-Type,X-Requested-With,Accept-API-Version,If-Match,AuthorizationExposed Headers
n/a
-
Activate Enable the CORS filter.
-
Activate Allow Credentials.
-
Click Save Changes.
The main CORS configuration page has the following additional properties:
- Enable the CORS filter
-
Specifies whether the values in this CORS configuration instance are active.
- Max Age
-
The maximum length of time, in seconds, that the browser can cache the pre-flight response. The value is included in pre-flight responses in the
Access-Control-Max-Ageheader. - Allow Credentials
-
Whether to allow requests with credentials in either HTTP cookies or HTTP authentication information. Applies when a request has the
credentialsproperty set toinclude. You must enable this property if you send Authorization headers as part of the CORS requests, or need to include information in cookies when making requests.
| Changes to CORS configuration take effect immediately. There is no need to restart the service. |