How to configure Azure API Management to handle CORS for multiple backend APIs?
I'm trying to implement I'm following best practices but Hey everyone, I'm running into an issue that's driving me crazy. I'm currently working on integrating multiple backend APIs through Azure API Management (APIM) and I'm working with issues with Cross-Origin Resource Sharing (CORS). Each of the APIs requires a different set of allowed origins for CORS, and I'm not sure how to configure APIM to handle this correctly. I've tried setting up CORS policies in the policy editor, but it seems like only the first API's CORS settings are taking effect. Hereβs the CORS policy Iβm currently using in the Azure portal: ```xml <policies> <inbound> <cors> <allowed-origins> <origin>https://example1.com</origin> <origin>https://example2.com</origin> </allowed-origins> <allowed-methods> <method>GET</method> <method>POST</method> </allowed-methods> <allowed-headers> <header>*</header> </allowed-headers> </cors> </inbound> </policies> ``` I originally thought that this would allow requests from both origins for all APIs, but when I deploy it, Iβm getting CORS errors in the browser console for requests hitting one of the APIs: ``` Access to XMLHttpRequest at 'https://api.example2.com/resource' from origin 'https://example1.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. ``` Iβve also tried creating separate APIs within APIM for each backend, but the same scenario continues. Is there a way to set different CORS settings for different APIs within the same APIM instance? Any insights or examples would be greatly appreciated! This is part of a larger CLI tool I'm building. Has anyone else encountered this? This is part of a larger desktop app I'm building. Thanks, I really appreciate it! My development environment is Windows 10.