Hybrid Data Pipeline supports cross-origin resource sharing (CORS) filters that allow the sharing of web resources across domains. Configuring CORS behavior is a two part process. An administrator must enable CORS behavior via the Limits API and create a whitelist of trusted origins. The CORS Whitelist API is used to create and manage a CORS whitelist. (See also Configuring CORS behavior.)

To create and manage a whitelist, the administrator must have either the Administrator (12) permission or the CORSwhitelist (23) permission and administrative access on the default system tenant.

The following table summarizes the operations that are supported with the CORS Whitelist API.

Operation Request URL
Retrieve the CORS whitelist GET https://<myserver>:<port>/api/admin/security/cors/whitelist
Create a CORS whitelist or add trusted origins to a CORS whitelist POST https://<myserver>:<port>/api/admin/security/cors/whitelist
Retrieve information on a trusted origin GET https://<myserver>:<port>/api/admin/security/cors/whitelist/{id}
Update information on a trusted origin PUT https://<myserver>:<port>/api/admin/security/cors/whitelist/{id}
Delete a trusted origin DELETE https://<myserver>:<port>/api/admin/security/cors/whitelist/{id}