Enable CORS in ASP.NET Core API

Browsers do not allow cross origin communication for security reasons. This means if an ASP.NET Core web API housed in one web app is called by JavaScript code running as a part of another web app, the communication attempt will fail. However, you can alter this default behavior by adding some configuration in your API application. To that end this article discusses how that task can be accomplished.

http://www.binaryintellect.net/articles/02ddd0a1-85a2-4fb8-a517-498a665e724a.aspx