CORS with API calls
Hello, Sorry if this is an obvious question -- we're very new to XC. We're using XC with one load balancer with CORS activated. It works fine for web applications but all API calls (to our internal APIs) are blocked because of missing origin header. What is the correct way to handle it? Ask the connecting party to insert origin headers? Dedicate another load balancer (to be used for APIs only) with CORS disabled? Thank you.
F5 Roles required for Catalog Items
Having difficulty mapping required roles for a group to have proper access to catalog items. If I create a group call Security-Team and I want them to manage the security like WAF (Web App * API Protection) and Bot Defense, Web App Scanning and whatever else the Security Team should be monitoring to keep our environment safe. What Roles are required for management? They don't need access to everything, just what is required for the application security. Then we have a group called Support-Teams that need ReadOnly access to everything so they can log into F5 XC and just view everything with no ability to make changes. Not sure what Roles would get assigned to this group. Both scenarios let's assume all namespaces. Any help or direction is most appreciated.
