If incoming CORS requests go through a reverse proxy, a load balancer, or an additional web server prior to reaching your portal, the restrictions made using the following steps may not be honored. In these cases, you will need to configure the reverse proxy, load balancer, or web server to follow the same restrictions as your portal.
- Log in to your portal as an administrator.
- Click Organization > Settings > Security.
- Scroll down to Allow Origins.
- Enter the domain name of the site hosting the web application that needs access to items on your portal. The protocol (http or https) must be included with the domain name, such as https://webapp.domain.com.
Use of the * wildcard character as a substitute for the machine name is not supported. You must specify the fully qualified domain name of the machine in the list.
- Click Add Domain to add the site to the list. Once you've added one or more domains, the portal will only accept CORS requests from those specified domains. Repeat this for each site you want to be able to send requests to your portal.
- When you're finished adding domains, click Save.