CORS Reference

Cross-Origin Resource Sharing (CORS) Configuration

Cross-Origin Resources Sharing (CORS) provide a mechanism to control permission to resources on a server on a different domain or origin than the originating request.

Practically this means that in order to make HTTP requests in JavaScript to FusionAuth when the request is coming from a different domain CORS needs to be configured to allow the request.

The following URLs or URL patterns are allowed through the CORS filter.


If you need further assistance, or require additional endpoints allowed through the CORS filter, ask a question on Stack Overflow or open an issue on Github if you have additional questions. If you have a support contract you may send a request to