In this article, I will discuss about the error message that you might found when calling a CORS protected .NET Core Api. The following is the full error message:

How to Fix Error No ‘Access-Control-Allow-Origin’

1. Allow Method “Options”

A preflight request is one that the browser sends to see if the CORS settings have been correctly implemented.

Therefore, if your endpoint supports POST, PUT, or DELETE operations and the browser sends a “application/json” request, the browser sends two requests: the “OPTIONS” request first, then a POST, PUT, or DELETE request.

You must therefore enable OPTIONS: in your application’s CORS settings.

2. Cors is Defined Twice in Your Code

Check that you have defined CORS twice.

First add CORS to the WebApplicationBuilder Services:

Then when defining the app:

3. Check the Sequence of Calls

You must define CORS before you map controllers, define routes etc.

4. Your Load Balancer Must Allow “Options” as well

In front of your API, do you have a load balancer? Verify that OPTIONS methods are also supported by the load balancer.

Hopefully, tips above help you to fix above error. Happy Coding!

Leave a comment

Your email address will not be published.