CORS is not set correctly for the API server

[doctorpangloss]

You must specify that the end user's Ingress should add the appropriate CORS headers, or you should propagate the configuration to the API server from values.yaml, to ensure that the frontend URL is correctly CORS-enabled.

For the Ingress corresponding to the API, these nginx location snippets address the issue

add_header 'Access-Control-Allow-Origin' 'https://frontendurl.yourdomain.com';
add_header 'Vary' 'Origin';
add_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,apollographql-client-name,apollographql-client-version,x-lago-organization,customer-portal-token';

via apollographql/apollo-client#4164

[joaomirandas]

Thanks @doctorpangloss - but i made a small modifications in your suggestions,
For me running docker compose behind an NGINX inside a ubuntu linux instance i used:

proxy_set_header 'Access-Control-Allow-Origin' 'https://frontendurl.yourdomain.com,*';
proxy_set_header 'Vary' 'Origin';
proxy_set_header 'Access-Control-Allow-Methods' 'GET, PUT, POST, DELETE, OPTIONS';
proxy_set_header 'Access-Control-Allow-Headers' 'DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,apollographql-client-name,apollographql-client-version,x-lago-organization,customer-portal-token';

[jdenquin]

Linked to getlago/lago#368