Grant cross-origin access to websites

You can enable CORS for websites that need cross-origin requests to the Okta API.

  1. Select Security and then API.
  2. Select the Trusted Origins tab.
  3. Select Add Origin and then enter a name for the organization origin.
  4. In the Origin URL box, specify the base URL of the website that you want to allow cross-origin requests from.
  5. Make sure that CORS is selected as the Type. You can also enable the Redirect setting, which allows for redirection to this Trusted Origin after a user signs in or out.
  6. Click Save.

Note: If you don't enable CORS, or disable it at a later date, the list of websites is retained.