Information about CORS support in the OneBalance API
Origin
header identifying the requesting domainHeader | Description |
---|---|
Access-Control-Allow-Origin | The domain that sent the request (from the Origin header) |
Access-Control-Allow-Methods | The HTTP methods allowed for cross-origin requests (typically includes all available methods) |
Access-Control-Expose-Headers | Headers that will be accessible to requests from the origin domain |
Access-Control-Max-Age | How long (in seconds) the preflight response can be cached before another preflight is needed |
Access-Control-Allow-Credentials | Set to true to allow sending authentication credentials (like Access tokens) with the request |