Why am I receiving an Invalid CORS origin error when using REST API?
Starting from Oracle B2C Service version August 2017
The following error is received when making a REST incident request:
"title": "Invalid CORS origin",
"detail": "The CORS request origin used is not supported",
"instance": "https:// customersite.custhelp.com/services/rest/connect/latest/incidents/1",
By modifying the configuration setting PAPI_CORS_DOMAIN_LIST, you can specify the domain from where the Cross-Origin Resource Sharing request will originate. This defines which hosts are allowed Cross-Origin Resource Sharing support in the REST API.
The configuration setting PAPI_CORS_DOMAIN_LIST is visible and can be adjusted accordingly from the console by navigating to Configuration > Site Configuration > Configuration Settings.
Format: https://(www.)<hostname>.(xxx|xx.xx)(:optional port number)
Characters allowed in hostname: (._-:~)
Path to setting(s): Select Configuration from the navigation area > Site Configuration > Configuration Settings > and search by Key.