CORS

Configure Cross Origin Resource Sharing for your headless API.

CORS issues are a common problem when fetching data from a different domain. To allow cross-origin requests, Kirby Headless responds with the appropriate CORS headers for preflight requests. You can customize the CORS configuration in your config.php:

config.php

return [
    'headless' => [
        // Default CORS configuration
        'cors' => [
            'allowOrigin' => '*',
            'allowMethods' => 'GET, POST, OPTIONS',
            'allowHeaders' => 'Accept, Content-Type, Authorization, X-Language',
            'maxAge' => '86400',
        ]
    ]
];

Authentication

Configure bearer token authentication for your headless API.

Panel Configuration

Configure the Kirby Panel for headless usage.

CORS

Cross Origin Resource Sharing (CORS)