By adding the correct “version” header to the request we were able to get through to the endpoint fine, but I want to be sure I understand what you’re trying to do.
Are you trying to see if you can remove the CORS header from the upstream, and replace it with your own in Tyk?
If you’re interested in a call to discuss your plans you can arrange that with @Andrew directly.
Thanks,
Luan