Portal B20: prefer env + config file tabs, add config key links

- Replace Kubernetes (Helm) tabs with Config file (JSON) tabs on all
  three Portal CORS steps
- Link PORTAL_CORS_ENABLE and PORTAL_CORS_ALLOWED_ORIGINS to their
  exact anchors in the configuration reference wherever they appear
  in prose and warning callouts
- Remove Type column from optional settings table

Author: sharadregoti

portal/how-to-guides/configure-cors.mdx

@@ -20,31 +20,33 @@ Cross-origin request configuration in the Developer Portal involves two independ
 Portal application CORS controls which external origins may call the Portal's own Admin API and Live Portal routes. It is configured via environment variables on the Portal process.
 
 <Warning>
-`PORTAL_CORS_ENABLE` defaults to `false`. All cross-origin requests to the Portal are rejected until you set this to `true`.
+[`PORTAL_CORS_ENABLE`](/product-stack/tyk-enterprise-developer-portal/deploy/configuration#portal-cors-enable) defaults to `false`. All cross-origin requests to the Portal are rejected until you set this to `true`.
 </Warning>
 
 1. **Enable CORS**
 
-   Set `PORTAL_CORS_ENABLE=true` on the Portal process.
+   Set [`PORTAL_CORS_ENABLE`](/product-stack/tyk-enterprise-developer-portal/deploy/configuration#portal-cors-enable) to `true` on the Portal process.
 
    <Tabs>
      <Tab title="Environment variable">
        ```ini
        PORTAL_CORS_ENABLE=true
        ```
      </Tab>
-     <Tab title="Kubernetes (Helm)">
-       ```yaml
-       extraEnvs:
-         - name: PORTAL_CORS_ENABLE
-           value: "true"
+     <Tab title="Config file">
+       ```json
+       {
+         "CORS": {
+           "Enable": true
+         }
+       }
        ```
      </Tab>
    </Tabs>
 
 2. **Set allowed origins**
 
-   Set `PORTAL_CORS_ALLOWED_ORIGINS` to the origins permitted to make cross-origin requests to the Portal. Use the exact scheme and host of each origin, separated by commas. Wildcards are supported.
+   Set [`PORTAL_CORS_ALLOWED_ORIGINS`](/product-stack/tyk-enterprise-developer-portal/deploy/configuration#portal-cors-allowed-origins) to the origins permitted to make cross-origin requests to the Portal. Use the exact scheme and host of each origin, separated by commas. Wildcards are supported.
 
    {/* TODO: Verify the default behavior when PORTAL_CORS_ALLOWED_ORIGINS is unset. Code analysis (rs/cors library) indicates an empty slice allows all origins. The configuration reference states no origins are allowed by default. Confirm with the Portal team before documenting a specific default. */}
 
@@ -54,17 +56,22 @@ Portal application CORS controls which external origins may call the Portal's ow
        PORTAL_CORS_ALLOWED_ORIGINS=https://admin.example.com,https://developer.example.com
        ```
      </Tab>
-     <Tab title="Kubernetes (Helm)">
-       ```yaml
-       extraEnvs:
-         - name: PORTAL_CORS_ALLOWED_ORIGINS
-           value: "https://admin.example.com,https://developer.example.com"
+     <Tab title="Config file">
+       ```json
+       {
+         "CORS": {
+           "AllowedOrigins": [
+             "https://admin.example.com",
+             "https://developer.example.com"
+           ]
+         }
+       }
        ```
      </Tab>
    </Tabs>
 
    <Warning>
-   Do not set `PORTAL_CORS_ALLOWED_ORIGINS` to `*` when `PORTAL_CORS_ALLOW_CREDENTIALS=true`. The CORS specification does not allow credentialed requests from wildcard origins. Specify each origin explicitly instead.
+   Do not set [`PORTAL_CORS_ALLOWED_ORIGINS`](/product-stack/tyk-enterprise-developer-portal/deploy/configuration#portal-cors-allowed-origins) to `*` when `PORTAL_CORS_ALLOW_CREDENTIALS=true`. The CORS specification does not allow credentialed requests from wildcard origins. Specify each origin explicitly instead.
    </Warning>
 
 3. **Set allowed headers and methods**
@@ -78,23 +85,24 @@ Portal application CORS controls which external origins may call the Portal's ow
        PORTAL_CORS_ALLOWED_METHODS=GET,POST,PUT,DELETE,OPTIONS
        ```
      </Tab>
-     <Tab title="Kubernetes (Helm)">
-       ```yaml
-       extraEnvs:
-         - name: PORTAL_CORS_ALLOWED_HEADERS
-           value: "Authorization,Content-Type,X-Requested-With"
-         - name: PORTAL_CORS_ALLOWED_METHODS
-           value: "GET,POST,PUT,DELETE,OPTIONS"
+     <Tab title="Config file">
+       ```json
+       {
+         "CORS": {
+           "AllowedHeaders": ["Authorization", "Content-Type", "X-Requested-With"],
+           "AllowedMethods": ["GET", "POST", "PUT", "DELETE", "OPTIONS"]
+         }
+       }
        ```
      </Tab>
    </Tabs>
 
 4. **(Optional) Configure additional CORS settings**
 
-   | Config key | Type | Default | Description |
-   |---|---|---|---|
-   | [`CORS.MaxAge`](/product-stack/tyk-enterprise-developer-portal/deploy/configuration#portal-cors-max-age) | `int` | `0` | How long, in seconds, browsers may cache the preflight response. A positive value reduces preflight round trips. |
-   | [`CORS.AllowCredentials`](/product-stack/tyk-enterprise-developer-portal/deploy/configuration#portal-cors-allow-credentials) | `bool` | `false` | Whether the Portal includes credentials (cookies, HTTP authentication) in CORS responses. |
+   | Config key | Default | Description |
+   |---|---|---|
+   | [`CORS.MaxAge`](/product-stack/tyk-enterprise-developer-portal/deploy/configuration#portal-cors-max-age) | `0` | How long, in seconds, browsers may cache the preflight response. A positive value reduces preflight round trips. |
+   | [`CORS.AllowCredentials`](/product-stack/tyk-enterprise-developer-portal/deploy/configuration#portal-cors-allow-credentials) | `false` | Whether the Portal includes credentials (cookies, HTTP authentication) in CORS responses. |
 
 5. **Restart the Portal**