Waiting for engine...
Skip to main content

DeployedApiCorsInput

Input parameters for configuring CORS settings on a deployed API.

input DeployedApiCorsInput {
  origins: [String!]!
  methods: [HttpMethod!]!
  headers: [String!]!
  allowCredentials: Boolean!
  maxAge: Int!
  exposeHeaders: [String!]!
  enableCors: Boolean
  runPolicies: Boolean
}

Fields

DeployedApiCorsInput.origins ● [String!]! non-null scalar miscellaneous

A list of URIs that may access the resource. "*" allows all requests regardless of origin. If the CORS is set to 'null', origin will be defaulted to '*'.

DeployedApiCorsInput.methods ● [HttpMethod!]! non-null enum catalog-service

A list of methods that are allowed when accessing the resource.

DeployedApiCorsInput.headers ● [String!]! non-null scalar miscellaneous

A list of headers that are allowed when accessing the resource ("authorization", "x-api-key", "content-type" and HTTP routing headers (if any) are added by default to the list).

DeployedApiCorsInput.allowCredentials ● Boolean! non-null scalar miscellaneous

Indicates whether or not the response to the request can be exposed when the credentials flag is true.

DeployedApiCorsInput.maxAge ● Int! non-null scalar miscellaneous

This indicates how long the results of a preflight request can be cached (-1 if disabled).

DeployedApiCorsInput.exposeHeaders ● [String!]! non-null scalar miscellaneous

This header lets a server whitelist headers that client (For eg. Browsers) are allowed to access.

DeployedApiCorsInput.enableCors ● Boolean scalar miscellaneous

This field toggles the inclusion or exclusion of API routing headers to the CORS allowed headers.

DeployedApiCorsInput.runPolicies ● Boolean scalar miscellaneous

This Indicates whether to enable or disable policy execution for preflight requests for an API. If not provided, it defaults to false.

Member Of

DeployedApiInput input ●  GatewayCorsInput input

On this Page