AdonisJS 5.0 is here! Learn More


Table of Contents

Cross-Origin Resource Sharing(CORS) is a way to allow incoming HTTP requests from different domains. It is very common in AJAX applications where the browser blocks all cross-domain requests if the server does not authorize them. Read more about CORS here.


Install the middleware provider from npm by executing the following command.

adonis install @adonisjs/cors

Next, register the provider inside start/app.js file.

const providers = [

The middleware will be registered inside start/kernel.js file.



The configuration for CORS is defined inside config/cors.js file and accepts following options.


The origin(s) to be allowed for making cross domain requests. You can return one of the following values.

  • A boolean true or false to deny the current request origin.

  • A comma separated strings of domains to be allowed.

  • An array of domains to be allowed.

  • A function, which receives current request origin. Here you can compute whether or not the origin is allowed by returning true or false.

    origin: function (currentOrigin) {
      return currentOrigin === ''

For all other options, go through the comments inside the config file.