Permitting web browsers to access a REST API by using Cross-Origin Resource Sharing
Permit web pages that are running in a web browser to make requests to a REST API that is running in IBM® Integration Bus by enabling Cross-Origin Resource Sharing (CORS).
Before you begin
About this task
Procedure
To permit a web browser to access a REST API, complete the following steps:
- Configure the integration server HTTP listener to enable CORS, see Permitting web browsers to access deployed HTTP services by enabling Cross-Origin Resource Sharing.
-
Ensure that the CORS configuration meets the requirements for all operations that are deployed in the REST API.
To permit cross-origin requests for additional HTTP methods, additional HTTP headers, or to allow authentication information to be passed into the REST API, you might have to change some extra parameters.
Results
What to do next
You can also complete the following optional tasks:
- Secure your REST API by using HTTPS for encrypting communications between client and server, see Securing a REST API by using HTTPS.
- Secure your REST API by authenticating users with HTTP Basic Authentication, see Securing a REST API by using HTTP Basic Authentication.