---
title: "Configuring CORS"
date: "2025-08-05T18:46:58+00:00"
summary: "Learn how to configure CORS for secure API communication between your front-end apps and CMS. Step-by-step guide included."
image:
type: "page"
url: "/acquia-source/configuring-cors"
id: "16478826-17d4-4a5a-b1e7-dc73a32fc69f"
---

Cross-Origin Resource Sharing (CORS) is essential for allowing front-end applications to communicate with the Application Programming Interfaces (APIs) in your Content Management System (CMS). For detailed information about CORS, visit the [MDN Web Docs CORS documentation](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS).

The CMS has CORS enabled by default, permitting access from any origin. However, it can be adjusted to authorize only specified IP addresses or domains that will use the CMS's APIs.

To set up CORS:

1.  [Access your site](/node/69836#access-a-site).
2.  In the left sidebar, click **API** > **CORS configuration**.
3.  In the **Allowed origins** field, update the settings to include the IPs or domains of the front-end applications.
4.  Click **Save configuration**.