CORS doesn't work in my API after I published in .NET 7

[joolmosd]

Hi everyone in this moment I have a problem with the CORS policy, I created the API in .NET 7.0.400 and when I run the API on localhost the CORS works perfectly but when I publish my API in a server IIS the CORS doesn't work.

I have readed the official documentation of Microsoft

https://learn.microsoft.com/en-us/aspnet/core/security/cors?view=aspnetcore-3.1#enable-cors

and have followed the steps that they said but I have not any result. Also I procedure to enable CORS in IIS and in my web.config I put the CORS policy, like that

the CORS policy that I create is this

builder.Services.AddCors(option =>

    option.AddDefaultPolicy(
        build =>
        {
            build
            .WithOrigins("https://clubdelconocimiento.co.pwc.com")
            .AllowAnyHeader()
            .AllowAnyMethod()
            .WithExposedHeaders("Authorization");
        }


    )


);

and this is the order of my middlewares, according of this documentation

https://learn.microsoft.com/en-us/aspnet/core/fundamentals/middleware/?view=aspnetcore-7.0#middleware-order

var app = builder.Build();

// Configure the HTTP request pipeline.
app.UseSwagger();
app.UseSwaggerUI();

//Redirige peticiones HTTP a su equivalente como lo es HTTPS
//app.UseHttpsRedirection();

//Habilita el enrutamiento de solicitudes y determina a que controlador
// y accion debe enviarse una solicitud
app.UseRouting();


app.UseCors("AllowAll");

// se le dice a la aplicacion que use las reglas de CORS
//app.UseCors(myRulesOfCors);
app.UseCors();



//Se le dice que use la autenticacion
app.UseAuthentication();


// Configuración del límite de velocidad
app.UseIpRateLimiting();

app.UseHttpsRedirection();

app.UseAuthorization();

app.MapControllers();

app.Run();

Exist something more that I shoulded to configure in my API for CORS policy works when I publish it?

[lextm]

IIS side CORS settings require the out-of-band CORS module, so you might configure that as well