I am trying to allow cors requests for my microservice deployed on btp kyma. The microservice locally does add all the required cors headers but when deployed on to Kyma they are being overridden. I tried to add headers manually on the api rule as follows:

      mutators:
        - handler: header
          config:
            headers:
              cors-header: cors-header-value

But this is not working. Is there any other way to allow this?

Tried to use apirule configuration but it didn’t work

>Solution :

You can update the virtual service associated with this api rule with the cors headers as follows:

spec:
  http:
    - corsPolicy:
        allowCredentials: true
        allowHeaders:
          - Authorization
          - Content-Type
        allowMethods:
          - GET
          - POST
          - PUT
          - DELETE
          - PATCH
        allowOrigins:
          - regex: .*

Either create an apirule manually or update your apirule to use an existing virtual service.