Front: headers: { 'Content-Type': 'application/json', 'Accept': '*/*', 'Authorization' : '', 'Origin': 'http://localhost:3000', 'Mode': 'cors' }, Back: builder.Services.AddPersistence(builder.Configuration); var MyAllowSpecificOrigins = "_myAllowSpecificOrigins"; builder.Services.AddCors(options => { options.AddPolicy(MyAllowSpecificOrigins, policy => { //mettre le front policy.WithOrigins("http://localhost:3000") .AllowAnyHeader() .AllowAnyMethod(); }); });