In trying to embed GD.UI components... in angular... having lots of success.. but I am getting a CORS failure when using an API token to auth:

overview:1 Access to XMLHttpRequest at '<http://localhost:3000/api/entities/workspaces/app?metaInclude=permissions>' from origin '<http://localhost:4200>' has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.

It seems it does not like the Authorization bearer header in the preflight options request. Might there be any suggestions, or any way to adjust the accept headers parameter on the server side? CORS works when I use a different auth method Thanks in advance for the stellar help!