Custom Access-Control-Allow-Headers

[dkonsoftware]

Trying to find solution myself and I saw this question couple times with no answer so Im posted here. If you need to add custom allowed headers to Payload, I believe the correct approach is to add a postMiddleware function in payload.config.ts to extend the headers currently provided by Payload.

Just add the following code to payload.config.ts and change x-custom-header to yours.

express: {
    postMiddleware: [
      (_req, res, next) => {
        const existingHeaders = res.getHeader("Access-Control-Allow-Headers");
        res.header(
          "Access-Control-Allow-Headers",
          existingHeaders + ", x-custom-header"
        );
        next();
      },
    ],
  },