How to resolve CORS AllowAnyOrigin and AllowCredentials conflict in ASPNET CORE Web API

less than 1 minute read

When you implement an ASP.NET CORE Web API, you may want the API to support all clients from anywhere and enable credentials at the same time.

You need to make the CORS (Cross Origin Resource Sharing) configuration in your Web API.

The configuration would be like this:

But you’ll get the following error:

System.InvalidOperationException: 'The CORS protocol does not allow specifying a wildcard (any) origin and credentials at the same time. 
Configure the CORS policy by listing individual origins if credentials needs to be supported.'

To resolve this, you can make the following configuration.

SUN Jiangong

SUN Jiangong

A senior .NET engineer, software craftsman. Passionate about new technologies.

Recent posts

Microsoft .NET challenge France 2022 final

2 minute read

How to monitor azure event hub events in real-time?

1 minute read

How to maintain legacy applications?

less than 1 minute read

What are Azure TenantId, ClientId (Application Id) and ObjectId?

2 minute read

types/uuid - Uncaught TypeError Object(...) is not a function

less than 1 minute read

Which tools you need to develop web applications in ReactJS?

2 minute read

An optimized version of function sys.fn_cdc_is_bit_set

less than 1 minute read

Microsoft .NET challenge France 2020 final

3 minute read

How to create integration tests with Entity Framework (EF) core?

2 minute read

How to upload and download file in Angular 5+ and .net core

2 minute read

MS SQL server full-text index reserved words

6 minute read

How to create unit tests on internal methods and protected methods in .net core?

2 minute read