Permitting web browsers to access a REST API by using Cross-Origin Resource Sharing
Permit web pages that are running in a web browser to make requests to a REST API that is running in IBM® App Connect Enterprise by enabling Cross-Origin Resource Sharing (CORS).
Before you begin
About this task
Procedure
To permit a web browser to access a REST API, complete the following steps:
- Configure the integration server HTTP listener to enable CORS as described in HTTP listeners.
-
Ensure that the CORS configuration meets the requirements for
all operations that are deployed in the REST API.
To permit cross-origin requests for additional HTTP methods, additional HTTP headers, or to allow authentication information to be passed into the REST API, you might have to change some extra parameters. For more information about requirements for a RESTAPI, see Developing integration solutions by using REST APIs.
Results
What to do next
You can also complete the following optional tasks:
- Secure your REST API by using HTTPS for encrypting communications between client and server, see Securing a REST API by using HTTPS.
- Secure your REST API by authenticating users with HTTP Basic Authentication, see Securing a REST API by using HTTP Basic Authentication.