CORS is a mechanism that allows web browsers or other web clients access to your sites. Access of this kind is usually forbidden by the Same-Origin-Policy (SOP). To add trusted hosts using CORS, proceed as follows:
-
Open the Maintain Protection Allowlists app on the SAP Fiori Launchpad.
-
Open the Cross-Origin Resource Sharing tab.
-
Enter the Trusted Host Name (SAP Analytics Cloud, for example, could have the following pattern: mytenant.us1.sapbusinessobjects.cloud).
-
Enter the HTTP Service Path (for example
/sap/opu/odata/sap/APS_IAM_API_BROLE_CDOC). -
Select the allowed HTTP methods .
-
Enter the allowed headers (for example
content-type)Only the following response headers are generally accessible in a CORS query:
-
Cache Control
-
Content Type
-
Last Modified
-
Content Language
-
Expires
-
Pragma
If the server wants to give the client access to further headers, it has to use the Exposed Headers option.
-
-
In addition, you can define exposed headers under Optional Response Headers if required. Please select the required checkboxes.
-
Click Add.
Related Information