# CORS Config > CORS configuration with allowed origins, methods, headers, and credentials. - Name: `cors-config` - Categories: api - Detail page: https://open-types.dev/types/cors-config ## Install ```bash # Types only npx shadcn add @open-types/cors-config # Types + Zod v4 validators npx shadcn add @open-types/cors-config-zod # Types + real-world examples npx shadcn add @open-types/cors-config-examples ``` ## Types ```typescript export interface CORSConfig { allow_origin: string | string[]; allow_methods?: string[]; allow_headers?: string[]; expose_headers?: string[]; allow_credentials?: boolean; max_age?: number; } ``` ## Zod validator ```typescript import * as z from "zod"; import type { CORSConfig } from "../types/cors-config"; export const corsConfigSchema = z.object({ allow_origin: z.union([z.string(), z.array(z.string())]), allow_methods: z.array(z.string()).optional(), allow_headers: z.array(z.string()).optional(), expose_headers: z.array(z.string()).optional(), allow_credentials: z.boolean().optional(), max_age: z.number().optional(), }) satisfies z.ZodType; export type { CORSConfig } from "../types/cors-config"; ``` ## Examples ```typescript // Source: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS // Captured: 2026-05 import type { CORSConfig } from "../types/cors-config"; export const corsConfigExamples = { wildcard: { allow_origin: "*", allow_methods: ["GET", "POST", "OPTIONS"], allow_headers: ["Content-Type", "Authorization"], max_age: 86400, } satisfies CORSConfig, explicitOrigins: { allow_origin: ["https://app.example.com", "https://admin.example.com"], allow_methods: ["GET", "POST", "PUT", "PATCH", "DELETE"], allow_headers: ["Content-Type", "Authorization", "X-Request-Id"], expose_headers: ["X-Request-Id", "X-RateLimit-Remaining"], allow_credentials: true, max_age: 3600, } satisfies CORSConfig, publicApi: { allow_origin: "*", allow_methods: ["GET"], } satisfies CORSConfig, singleOrigin: { allow_origin: "https://app.example.com", allow_credentials: true, } satisfies CORSConfig, } as const; ```