Unfortunately the RestServices module does not support CORS requests out of the box. The good news it is easy to add support:
In the RestServices.HTTPMethod enum add an OPTIONS value so that you have GET, POST, PUT, DELETE and OPTIONS.
Publish another API on the same URL as your POST and allow method OPTIONS.
Create a Microflow for the OPTIONS medthod and return the following headers in an empty response:
Access-Control-Allow-Headers: Content-Type, Authorization
IMPORTANT!: Make sure you set the Access-Control-Allow-Origin to only urls/domains that you know will access the API for better security.
It sounds like you may have seen this response before. Have you tried adding the headers using the java action in the REST module?