Cors (Allow method) is not available in options request

I am getting Cors error in browser console.

"XMLHttpRequest cannot load http://localhost:9000/store/get/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:33844' is therefore not allowed access. The response had HTTP status code 400."

I am using .NetCore 2.0, webapi with kestrell server. I have added nuget packages, 

    <PackageReference Include="Microsoft.AspNetCore.Cors" Version="2.0.1" />    

    <PackageReference Include="Microsoft.AspNetCore.Mvc" Version="2.0.1" />    

    <PackageReference Include="Microsoft.AspNetCore.Mvc.Core" Version="2.0.1" />    

    <PackageReference Include="Microsoft.AspNetCore.Mvc.Cors" Version="2.0.1" />

My Startup class is as below

public void ConfigureServices(IServiceCollection services)
        {
            var config = ServicesManager.Instance.Resolve<ICoreConfiguration>();
            // Add framework services.
            services.AddCors();
            services.AddRouting();
            services.AddLogging();
            ConfigureAuth(config, services);
            services.AddSingleton<IControllerActivator>(new ServiceCompositionRoute(ServicesManager.Instance));
            services.AddMvc();

        }

        // This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
        public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory)
        {

            var config = ServicesManager.Instance.Resolve<ICoreConfiguration>();
            //loggerFactory.AddConsole(); //log levels set in your configuration
            //loggerFactory.AddDebug();
            app.UseCors(builder =>
            {
                builder.AllowAnyOrigin().AllowAnyHeader()
               .AllowAnyMethod().AllowCredentials()
              ;
            });
            app.UseAuthentication();
            app.UseException(ServicesManager.Instance);
            app.UseExceptionHandler();

            app.Map(config.AuthIdPath, posauthid =>
            {
                posauthid.MapWhen(c => c.Request.Method.ToLower() == "get", ReturnAuthKey);
                posauthid.MapWhen(c => c.Request.Method.ToLower() == "post", ReturnAuthDecrypted);
            });
            //app.UsePosAuth(ServicesManager.Instance);


            app.UseMvc();
        }

I tried changing the order of app.usecors(), services.addcors(). It is not working. In options response I am getting, Allow-header, allow-credential, allow-origin. But no allow-method.

RequestHeader
Accept:*/*
Accept-Encoding:gzip, deflate, sdch, br
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:authorization,content-type,x-application,x-employeeno,x-runningmode,x-storeno,x-terminalno
Access-Control-Request-Method:GET
Cache-Control:no-cache
Connection:keep-alive
Host:localhost:9000
Origin:http://localhost:33844
Pragma:no-cache
Referer:http://localhost:33844/
User-Agent:Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36

ResponseHeader
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:authorization,content-type,x-application,x-employeeno,x-runningmode,x-storeno,x-terminalno
Access-Control-Allow-Origin:http://localhost:33844
Date:Wed, 06 Dec 2017 09:14:56 GMT
Server:Kestrel
Vary:Origin