This topic describes about IP whitelisting.

The customer must update the CORS_ALLOWED_ORIGINS property within the SECURITY_CONFIG table to specify the host addresses permitted to access the application. Multiple values can be provided as a comma-separated list. Any IP address not explicitly included in this list will be denied access.

The whitelisted IP addresses which are allowed access will be reflected in the Access-Control-Allow-Origin response header.