Configure CORS

Instructions for configuring cross-origin resource sharing for AWS S3, GCS, and Microsoft Azure.

CORS (Cross-origin resource sharing) is a browser mechanism that enables restricted access across domain boundaries that would otherwise be prohibited by default browser restrictions. The CORS header enables Labelbox to send a pre-flight request to your cloud storage and enables your cloud storage to explicitly allow requests from Labelbox. If the Labelbox domains are included in the CORS header, Labelbox will be able to request resources from your cloud storage.

When configuring CORS for your cloud storage bucket, you will need to include both of these Labelbox origins: and


  1. In your AWS account, go to your S3 Management Console.

  2. Click the bucket name in the list of buckets.

  3. Go to the Permissions tab.

  4. In the Cross-origin resource sharing (CORS) section, click Edit.

  5. Paste the following configuration in the text field.

        "AllowedHeaders": [
        "AllowedMethods": [
        "AllowedOrigins": [
        "ExposeHeaders": []
  1. Click Save changes.

  2. For more details on setting up CORS for your AWS S3 bucket, see these AWS docs.

Google Cloud Storage (GCS)

In the following commands, replace with your own bucket name (ex: gs://my-bucket)

  1. Log in to the Google Cloud Platform console.

  2. Click the Activate Cloud Shell button in the top-right corner to open the Cloud Shell.

  3. In Cloud Shell, create a JSON file containing the CORS configuration by entering the following command:

echo '[{"origin":["",""],"method":["GET"],"responseHeader":["*"]}]' > cors-config.json
  1. Apply the CORS configuration to the bucket using the following command:
gsutil cors set cors-config.json gs://<bucket-name>
  1. Check the CORS configuration using the following command:
gsutil cors get gs://<bucket-name>

Microsoft Azure

  1. Log into your Microsoft Azure portal.

  2. Navigate to the desired Storage Account.

  3. In the left pane, click Settings > Resource sharing (CORS).

  4. Select the Blob Service tab.

  5. Enter the following settings.

  1. Click Save.


Error messageTroubleshooting
Unable to detect proper CORS configurationEnsure your cloud storage bucket has CORS configured with the following origins: and

For more troubleshooting help, see:
- AWS troubleshooting CORS
- GCS troubleshooting CORS requests
- Cross-Origin Resource Sharing (CORS) support for Azure Storage