Quick Start - CORS Configuration

Enable CORS

The CORS configuration is an API-Only configuration, and requires access to the API playground to set these values.

Open the Playground for the v1 endpoint e.g. https://mycluster.com/docs/v1/playground

First, select Authorize and enter a administrator username and password to allow changes to be made. Once authenticated find the endpoint PATCH /cluster/{id}/security/cors

CORS Endpoints

After expanding the PATCH endpoint, press Try it out to open the API request for editing and leaving the ID as me we can set the following cors_configuration value.

Controlled Configuration

Using this configuration, we can lock down the CORS requests from specific hosts and controls which headers are permitted for the requests (this includes the majority headers used by vCloud Director):

{ 
  "isEnabled": true, 
  "allowedOrigins": "vcd-cell.rubrik.com", 
  "allowedHeaders": "Authorization, Origin, X-Requested-With, Content-Type, Accept, x-vcloud-authorization" 
}

Wide Open Configuration

Using the configuration will allow CORS request to made to the cluster from any location:

{ 
  "isEnabled": true, 
  "allowedOrigins": "*", 
  "allowedHeaders": "*" 
}