RewriteEngine On

Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, X-API-KEY"
Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"

# Allow direct access to documentation
RewriteCond %{REQUEST_URI} documentation\.php$ [NC]
RewriteRule .* - [L]

# Route all other requests to api.php
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ api.php [QSA,L]