How do I ensure that only API requests coming from specific, approved domains or origins are allowed?

Shilpa Rao

• November 07, 2024 08:54

0

• 

  Rajnish Kucheria

  • November 11, 2024 13:06

  To ensure that only requests from specific, approved domains or origins are allowed, you need to configure CORS settings for your API. 

  In Quickwork's API Management tool:

  1. Go to the API endpoint configuration.
  2. Enter the approved domain names (e.g., https://example.com) in the CORS field. Separate multiple domains with commas.
  3. To allow access from any domain, use an asterisk (*) or leave the CORS field blank, though this is less secure.

  0

Please sign in to leave a comment.