This documentation is for WSO2 API Manager 1.9.0 View documentation for the latest release.
Page Comparison - Include Additional Headers in the API Console (v.4 vs v.5) - API Manager 1.9.0 - WSO2 Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Anchor
EnableCORSForOauthTokenApis
EnableCORSForOauthTokenApis
Enabling CORS for Oauth Token related APIs

Enabling CORS configuration through api-manager.xml is only valid for APIs created through the API manager Publisher application. Hence enabling CORS for Oauth token related APIs (/authorize, /revoke, /token, /userinfo) can be carried out as follows. 

Based on the API that you need to enable CORS, add the following handler configuration to the relevant API synapse file present in <APIM_HOME>/repository/deployment/server/synapse-configs/default/apifolder. It should be added within the <handlers> parent element.

Code Block
languagexml
<handler class="org.wso2.carbon.apimgt.gateway.handlers.security.CORSRequestHandler">
    <property name="inline" value="ENDPOINT"/>
</handler>

The following are the mappings of the synapse files corresponding to the Oauth token related APIs.

Endpoint
Synapse configuration
/authorize_AuthorizeAPI_.xml
/revoke_RevokeAPI_.xml
/token_TokenAPI_.xml
/userinfo_UserInfoAPI_.xml