Operations with Specific RestCorsSettings

This resource lets you work with the Resource Sharing settings of your YouTrack service.

Resource	/api/admin/globalSettings/restSettings
Returned entity	RestCorsSettings. For the description of the entity attributes, see Supported Fields section.
Supported methods	`GET`: Read a Specific RestCorsSettings. `POST`: Update a Specific RestCorsSettings.

RestCorsSettings attributes

Represents the Resource Sharing (CORS) configuration of the service.

This table describes attributes of the RestCorsSettings entity.

To receive an attribute in the response from server, specify it explicitly in the request parameter fields.
To update an attribute, provide it in the body of a POST request.

Field	Type	Description
allowedOrigins	Array of Strings	Origins that are allowed for cross-origin requests.
allowAllOrigins	Boolean	Indicates whether requests from all origins are allowed.

Read a Specific RestCorsSettings

Read the Resource Sharing settings of your YouTrack service.

Request syntax

GET /api/admin/globalSettings/restSettings?{fields}

Request parameters

Parameter	Type	Description
fields	String	A list of RestCorsSettings attributes that should be returned in the response. If no field is specified,only the `entityID` is returned

Sample

Sample request

curl -L -X GET 'https://example.myjetbrains.com/youtrack/api/admin/globalSettings/restSettings?fields=allowAllOrigins,allowedOrigins' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer perm:am9obi5kb2U=.UG9zdG1hbiBKb2huIERvZQ==.jJe0eYhhkV271j1lCpfknNYOEakNk7'
            

Sample response body

{
  "allowAllOrigins": false,
  "allowedOrigins": [],
  "$type": "RestCorsSettings"
}
            

Update a Specific RestCorsSettings

Change the Resource Sharing settings of your YouTrack service.

Required permissions

Requires Low-level Admin Write permission.

Request syntax

POST /api/admin/globalSettings/restSettings?{fields}

Request parameters

Parameter	Type	Description
fields	String	A list of RestCorsSettings attributes that should be returned in the response. If no field is specified,only the `entityID` is returned

Sample

Sample request

curl -L -X POST 'https://example.myjetbrains.com/youtrack/api/admin/globalSettings/restSettings?fields=allowAllOrigins,allowedOrigins' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer perm:am9obi5kb2U=.UG9zdG1hbiBKb2huIERvZQ==.jJe0eYhhkV271j1lCpfknNYOEakNk7' \
--data-raw '{
    "allowedOrigins": [
        "https://foo.example/staging:8080",
        "https://foo.example/internal:8342"
    ]
}'
            

Sample request body

{
  "allowedOrigins": [
    "https://domain.example:8080",
    "https://internal.domain.example:8342"
  ]
}
            

Sample response body

{
  "allowAllOrigins": false,
  "allowedOrigins": [
    "https://domain.example:8080",
    "https://internal.domain.example:8342"
  ],
  "$type": "RestCorsSettings"
}
            

Last modified: 30 March 2021