CORS (Cross-Origin Resource Sharing) is a standard implemented by browsers for ensuring that only the allowed clients actually access your API, see https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS.
One of the biggest pain-points when deploying your API that is consumed by a browser application is not having the correct CORS configuration on your API Server. Fortunately, Kusk makes configuring CORS for your API easy - add the corresponding CORS extension to your OpenAPI definition at the desired level (usually the root):
If you want to override CORS settings for a specific operation or path you can do so. For example, to change the allowed origins for a specific operation you could add:
See all available CORS configuration options in the Extension Reference.