You can make CORS settings for the Login API endpoints supplied as standard and the API endpoints you have created. You can use the CORS settings to control from which websites or portals the API endpoints can be called (in the browser).
CORS settings for API login endpoints
The CORS settings for Login API Endpoint are made in the portal properties.
Step-by-step guide
Proceed as follows to make the CORS settings for API login endpoints:
-
Open the portal properties ("Portal" > "Properties")
-
Select the "Security" entry.
-
Switch to the "CORS settings for login endpoints" tab
-
Click on the
icon.A dialog box for entering the origin domain is displayed.
-
Enter the origin domain.
For the origin domain to be valid, the protocol, host, and port (optional) must be specified.
-
Click on "OK".
The origin domain is displayed.
CORS settings for Application API endpoints
Step-by-step guide
Proceed as follows to make the CORS settings for Application API endpoints:
-
Start the application.
-
Click on the "API endpoints" area.
Make sure that the API endpoints view is activated.
("View" > "API endpoints")
-
Select the endpoint for which you want to make the CORS settings.
You can also mark multiple endpoints and make the CORS settings for all marked endpoints at the same time.
-
Click on the
icon.
The "API settings" dialog box is displayed.
Allow All Origins (*)
The option "Allow all origins (*)" sets a wildcard as origin and thus allows access to the endpoints from all possible sources.
Use Whitelist
The whitelist can be used to allow endpoints to be called from individual sources. By default, an empty whitelist is selected. This allows the API endpoints to be called only from within the same domain.
-
Click on the
icon to create an entry for the whitelist. -
Click on "OK".
Send us an e-mail