Error- Preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource

I am trying to call a secured rest API from the angular app. This rest API is running on WAS, and it is validating a JWT token. While running the application in google chrome, it is giving the below error:

Response to the preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access.

The same call is working fine in IE and postman. Could you pls help me here?

It's because of Chrome sends an OPTIONS request prior to the request you specify. The server needs to be configured to allow the CORS for that method.

My Rest API is running on IBM WebSphere 8.0.4 Can you pls share the step to configure CORS on it?

Add these headers to all responses ... Access-Control-Allow-Origin: * Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT - beware this allows any client to request from it - you may want to restrict it some more but this should get you started - I've never used IBM before so can't help with the gritty details on how to configure it

okay i have hundreds of the apis in the wrapper. Is there any convenient way of resolving this issue? Is there anyone who can tell me how to configure CORS on websphere server?

ask a new so question for that issue specifically

@danday74 RE your statement only browsers enforce CORS ... would seem to say that the server receives the request, and sends a response back; It is the browser that refuses to process the response further; am i correct in thinking like that?