Generic Inquiry Access Through OData: To Configure CORS
MYOB Acumatica uses cross-origin resource sharing (CORS) to allow access to OData endpoints for client-side applications. To enforce limitations on CORS requests, you change the CORS settings for the web server of your MYOB Acumatica instance.
Important:
Because saving changes in web.config
restarts the site of the application, make sure that all users of your website are
warned about the site restart so that they can save records being entered.
To Configure CORS
- Open the web.config file, which is located in the folder that contains the application instance website.
- In the file, find the
cors
section, shown below, within theodata
section.<px.core> ... <odata enableCompression="true" compressionThreshold="860"> <cors enabled="true" origins="*" methods="*" headers="*" exposedHeaders="DataServiceVersion,MaxDataServiceVersion,OData-Version, OData-MaxVersion" /> </odata> ... </px.core>
- Specify the CORS settings in the
cors
section as follows:- To enable CORS, specify
enabled="true"
. - To disable CORS, specify
enabled="false"
. - To limit the origins that are allowed access to the application web
server, for the
origins
parameter, list the allowed origins, separated by commas. - To allow all origins, specify
origin="*"
. - To limit the methods supported by the resource, for the
methods
parameter, list the allowed methods, separated by commas. - To allow all methods, specify
methods="*"
. - To limit simple headers supported by the resource, for the
headers
parameter, list the allowed simple headers, separated by commas. - To allow all simple headers, specify
headers="*"
. - To add your own headers, for the
exposedHeaders
parameter after the default headers, list the allowed headers, separated by commas.
- To enable CORS, specify
- Save the web.config file, which automatically restarts the website.