By default, Core Service.REST does not allow interaction with web clients located in different domains. If you have developed an external client and want it to interact with Core Service.REST, this is also possible. Update the web.config file to add the URL to the allowed website list for CORS (cross-origin resource sharing).
Procedure
- On the Content Manager server machine, go to the openapi\service\ subfolder of
%TRIDION_HOME% .
- Open web.config in a plain-text or XML editor.
- Locate the
corsConfigs section.
- In the
corsAllowlist sub-section, add your website's URL, including both the domain and port. The following example shows the section with two URLs added:
<corsConfigs>
<corsAllowlist>
<add origin="https://DOMAIN_EXAMPLE1:77777" />
<add origin="https://DOMAIN_EXAMPLE1:88888" />
</corsAllowlist>
</corsConfigs>
- Save and close the file.
- Restart IIS.