Enable CORS in ASP.NET Core Web API

Hello friends,

As we know that in Web API, CORS is by default disabled due to security reasons. and hence if a client tries to access API in different server and port, you can end up with error as “Origin http://localhost:xxxx is not allowed by Access-Control-Allow-Origin

To enable it in ASP.NET Core Web API, there are few steps involved as following.

Go to startup.cs

Put code as follows inside ConfigureServices method

services.AddCors();

Put code as follows inside Configure method

app.UseCors(
options => options.WithOrigins("http://localhost", "https://localhost")
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials()
);

In the WithOrigins array, you can add or remove the client URL based on your local machine domain and port settings.

Hope you found the post useful. Please let me know your comment below.

Leave a Reply

Your email address will not be published. Required fields are marked *