While configure an on-premise application for remote access through application proxy in azure active directory, HRWeb and API end point to different domain ( hrweb.contoso and hrwebapi.contoso) both of them are published through azure, facing issue with CORS error. If we remove the particular domain, then the site is reachable and no CORS error. When checking from Server or Local network its working only issue through azure proxy. could you please help to resolve

Error- Access to XML HttpRequest at ''; from origin '''' has been blocked by CORS policy: Response to preflight request doesnt pass access control check: No ''Access-Control-Allow-Origin'' header is present on the requested resource.

Configured CORS in applications as:

<add name="Access-Control-Allow-Origin" value="*" />  
<add name="Access-Control-Allow-Methods" value="*" />

API:

options.AddPolicy("CorsPolicy",
    builder => builder.AllowAnyOrigin()
    .AllowAnyMethod()
    .AllowAnyHeader());