Cross Origin Resource Sharing (CORS) Skip to main content
https://support.okta.com/help/oktaarticledetailpage?childcateg=&id=ka0f0000000ay5ckag&source=documentation&refurl=http%3a%2f%2fsupport.okta.com%2fhelp%2fdocumentation%2fknowledge_article%2f50360933-cross-origin-resource-sharing
How satisfied are you with the Okta Help Center?
Thank you for your feedback!
How satisfied are you with the Okta Help Center?
1
2
3
4
5
Very Dissatisfied
Very satisfied
Enter content less than 200 characters.
Cross Origin Resource Sharing (CORS)
Published: Jan 10, 2015   -   Updated: Jun 22, 2018

What is CORS?

Cross-origin resource sharing (CORS) is a standard browser feature that allows JavaScript hosted on your websites to make an XMLHttpRequest (XHR) to the Okta API with the Okta session cookie.

Caution: Only grant access to specific websites that you control and trust to access the Okta API

Specifying Websites

To specify CORS settings:

  1. on the Okta Dashboard, navigate to Security > API
  2. Click Add Origin
  3. Enter the website name and URL with which you want to share resources
  4. check the CORS checkbox
  5. Select Save.