Grant cross-origin access to websites
You can enable CORS for websites that need cross-origin requests to the Okta API using the Developer Console.
- Select API and then Trusted Origins. From the Admin Console (Classic UI), select Security > API > Trusted Origins.
- Select Add Origin and then enter a name for the organization origin.
- In the Origin URL box, specify the base URL of the website that you want to allow cross-origin requests from.
- Make sure that CORS is selected as the Type. You can also enable the Redirect setting, which allows for redirection to this Trusted Origin after a user signs in or out.
- Click Save.
Note: If you don't enable CORS, or disable it at a later date, the list of websites is retained.