| title | corsConfiguration_v2 resource type |
|---|---|
| description | Represents the CORS settings for an on-premises web application segment published via application proxy. |
| ms.localizationpriority | medium |
| author | dhruvinrshah |
| ms.subservice | entra-applications |
| doc_type | resourcePageType |
| ms.date | 12/19/2024 |
Namespace: microsoft.graph
[!INCLUDE beta-disclaimer]
Represents the CORS settings for the webApplicationSegment resource when publishing an on-premises application through Microsoft Entra application proxy. For more information, see Understand and solve Microsoft Entra application proxy CORS issues.
| Method | Return type | Description |
|---|---|---|
| List | corsConfiguration_v2 collection | Get a list of the corsConfiguration_v2 objects and their properties. |
| Create | corsConfiguration_v2 | Create a new corsConfiguration_v2 object. |
| Get | corsConfiguration_v2 | Read the properties and relationships of a corsConfiguration_v2 object. |
| Update | corsConfiguration_v2 | Update the properties of a corsConfiguration_v2 object. |
| Delete | None | Delete a corsConfiguration_v2 object. |
| Property | Type | Description |
|---|---|---|
| allowedHeaders | String Collection | The request headers that the origin domain may specify on the CORS request. The wildcard character * indicates that any header beginning with the specified prefix is allowed. |
| allowedMethods | String Collection | The HTTP request methods that the origin domain may use for a CORS request. |
| allowedOrigins | String Collection | The origin domains that are permitted to make a request against the service via CORS. The origin domain is the domain from which the request originates. The origin must be an exact case-sensitive match with the origin that the user agent sends to the service. |
| id | String | The unique identifier for the CORS configuration that is assigned to a CORS rule by Microsoft Entra ID. Not nullable. Read-only. Supports $filter (eq). |
| maxAgeInSeconds | Integer | The maximum amount of time that a browser should cache the response to the preflight OPTIONS request. |
| resource | String | Resource within the application segment for which CORS permissions are granted. / grants permission for the whole app segment. |
None.
The following JSON representation shows the resource type.
{
"@odata.type": "microsoft.graph.corsConfiguration_v2",
"allowedHeaders": [
"String"
],
"allowedMethods": [
"String"
],
"allowedOrigins": [
"String"
],
"id": "String (identifier)",
"maxAgeInSeconds": "Integer",
"resource": "String"
}