Seeking Solutions for CORS Error in SAP BTP Cockpit with Custom Launchpad and User Management App.

Hello SAP Community,

I am currently facing a challenge with a Cross-Origin Resource Sharing (CORS) issue in an environment set up via the SAP BTP Cockpit. We have developed a custom Launchpad and a separate User Management application, each hosted under different domains within the BTP cockpit.

Issue Description: 

image (6).png




While attempting to access the User Management page from the Launchpad using its namespace, we encounter a CORS error. The browser console displays the following message:

“public-domain/” has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.

Setup Details:

  1. Launchpad Application – Serves as the central access point for various applications.
  2. User Management Application – Handles user-related functionalities, deployed under a different domain.

This issue seems to stem from the absence of the ‘Access-Control-Allow-Origin’ header in the response from the User Management application, thus preventing the Launchpad from fetching resources due to browser security policies.

Attempts to Resolve:

  • We’ve checked the deployment settings and configurations but haven’t found a clear resolution.
  • CORS settings in the SAP BTP cockpit seem to be correctly configured yet the issue persists.

Could anyone please guide me on how to correctly configure CORS settings in this scenario, or share if similar challenges have been encountered and resolved?

Any insights or guidance would be greatly appreciated as we aim to ensure seamless integration between our applications for optimal functionality.

Best regards,


Vaibhav Desai.


Scroll to Top