Entrust Identity as a Service™ Administrator Help
Click here to see this page in full context

Report errors or omissions

  1. Home >
  2. Manage Cross Origin Resource Sharing (CORS)

 

Manage Cross Origin Resource Sharing (CORS)

The Cross Origin Resource Sharing (CORS) feature prevents a Web page from making a request initiated from another origin. When enabled, other origins can make API calls to your account.

Enable CORS

Click > Configuration > Cross Origin Resource Sharing. The Cross Origin Resource Sharing page appears.

Select Enable CORS.

Click Add. Enter the allowed origin. Origins have the following options and limitations:

The origin must be in the following format: <http | https> "://" <hostname> [ ":" <port> ]

Origins must begin with HTTP or HTTPS

You can use the localhost for development purposes; however, Entrust does not recommend using it for production environments.

HTTP is the only supported protocol for localhost.

Limitations:

The hostname value cannot include a wildcard  (for example, https://*mydomain.com)

The port supports the *  wildcard (for example, https://www.test.com:*).

If a port value is not provided, the default posts are used: port 80 for  HTTP and port 443 for HTTPS.

Repeat step 3 to add more allowed origins.

Note: When you add CORS values, it automatically adds the CORS Redirect URI to OIDC and OAuth applications. See the Redirect URI setting in Integrate generic OIDC and OAuth application.