Grant cross-origin access to websites

You can enable CORS for websites that need cross-origin requests to the Okta API using the Developer Console.

  1. Select API and then Trusted Origins. From the Admin Console (Classic UI), select Security > API > Trusted Origins.
  2. Select Add Origin and then enter a name for the organization origin.
  3. In the Origin URL box, specify the base URL of the website that you want to allow cross-origin requests from.
  4. Make sure that CORS is selected as the Type. You can also enable the Redirect setting, which allows for redirection to this Trusted Origin after a user signs in or out.
  5. Click Save.

Note: If you don't enable CORS, or disable it at a later date, the list of websites is retained.