Configure CORS
To make in-browser API calls from the API Reference, you must configure CORS (Cross-Origin Resource Sharing) for your local FusionAuth instance. This is not required if you only use the generated curl commands to call the API from the command line.
Only use this configuration for development and testing instances of FusionAuth.
Do not run your production FusionAuth instance with CORS configured this openly.
To set up CORS to allow :
- Log in to your FusionAuth administrative user interface.
- Navigate to Settings -> System .
- Enable CORS.
- Add
authorization,accept, andcontent-typeto the list of Allowed headers. Use the ENTER key to add each of these separately -- do not add them as a comma-separated list. - Enable all the Allowed methods.
- Add
fusionauth.ioto the list of Allowed origins.
You can also set Allowed origins to * to allow requests from any origin.