Close popover
Kanneeswaran Kotteswaran (Kanneesh)
Accenture Technology Solutions Pte Ltd

Accenture Technology Solutions Pte Ltd
Kanneesh Member since 2018 11 posts
Accenture Technology Solutions Pte Ltd
Posted: September 13, 2018
Last activity: September 29, 2019

How to configure CORS PEGA 7.4

Hi All,

I followed the below URLs for configuring CORS for the OOTB API, however my application still errors out with the below message.

Failed to load http://localhost:8080/prweb/api/v1/authenticate: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9080' is therefore not allowed access.


List of options tried while creating CORS policy:

1. Configured "*" for the Allowed origins, Allowed headers, Exposed headers

2. Configured "http://localhost:9080" for the Allowed origins and "content-type,x-csrf-token" in the Allowed headers column and left Exposed headers column blank.

3. Enabled / disabled "Allow Credentials" in both the above cases.

4. While configuring the Endpoint-CORS policy mapping enabled just "*" to use the cusomized CORS policy , default CORS policy. Also tried mapping the customized CORS policy with Endpoint as "api/" , "api/v1/assignments" etc

5. Applied all the above combinations for the below Dynamic System Settings

Pega-API api.v1.CORS.allowedheaders
Pega-API api.v1.CORS.allowedorigins
Pega-API api.v1.CORS.maxage

My Request Header:

  1. Access-Control-Request-Headers:
  2. Access-Control-Request-Method:
  3. Origin:
  4. User-Agent:
    Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/68.0.3440.106 Safari/537.3
Data Integration