ASP.NET Core CORS WebAPI: no Access-Control-Allow-Origin header

Here is the answer to my own question, copied from the comments: I had not noticed that in Azure portal there is a CORS section. If I don't enter any allowed origin there, my code-based configuration seems to be totally irrelevant. This looks odd to me, as I'm forced to duplicate URLs here, but once I added * to the allowed origins there it worked.


Adding the .AllowAnyHeader() method could fix your problem

app.UseCors(builder => builder.WithOrigins("http://localhost:4200")
                              .AllowAnyMethod()
                              .AllowAnyHeader());

I was facing similar error, but my error solved by keeping the pipeline in order. (startup.cs -> configureServices) like

  app.UseRouting();
  app.UseCors(options => options.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader());
  app.UseEndpoints(endpoints => .....