Allow CORS headers for Management API
In order to invoke Management REST API endpoint (like ***.management.azure-api.net/apis?api-version=vvv) from browser's JS code, CORS headers should be enabled there. Moreover, full Management REST API endpoint configuration (thru Azure portal) is very welcomed addition.
Thanks for the feedback. Can you provide more details on the scenario, e.g., why do you need to call the management API from js code in browser.
Also, you can put the management API behind the gateway and add a CORS policy.