CORS errors
You attempt to log in and create a WebRTC connection in a browser application to the API Gateway, but the requests from the application are blocked by the browser.
CORS error symptoms
Browser-based applications, for example WebRTC applications, usually fetch resources from various origins. For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts.
For example, a web page with JavaScript code loads from one origin URL, and the JavaScript code attempts to fetch some resources from another origin URL. The browser blocks access to those resources unless they are served with CORS headers.
IIS configuration issues might also appear as CORS errors.
In your browser Developer tools Console tab, you will see errors similar to these:
Access to fetch at 'http://test-01/api/idp/connect/token' from origin 'http://localhost' has been blocked by CORS policy: . . .
Access to fetch at 'http://test-01/api/rest/v1/WebRTC/Session' from origin 'http://localhost' has been blocked by CORS policy: . . .Cause
The webpage is not served from same host server URL as the API Gateway, and CORS support has not been enabled.
Remedy
Enable CORS support as described in Cross-Origin Resource Sharing (CORS).
Cause
Errors are sometime presented in the browser as CORS error without being actual CORS issues. If you see a CORS error message in the browser, it could be related to configuration issues in the IIS.
Remedy
Open your browser Developer tools and select the Network tab. If it is not an CORS error, the actual error will be shown here in the messages received before the CORS error.