- CORS
- Security
AWS API Gateway CORS Object
Specifies the cross-origin resource sharing (CORS) configuration for an HTTP API. The extension applies to the root-level OpenAPI structure. To learn more, see Configuring CORS for an HTTP API.
{"x-amazon-apigateway-cors":{"allowOrigins":["https://www.example.com"],"allowCredentials":true,"exposeHeaders":["x-apigateway-header","x-amz-date","content-type"],"maxAge":3600,"allowMethods":["GET","OPTIONS","POST"],"allowHeaders":["x-apigateway-header","x-amz-date","content-type"]}}