1. Administering Oracle Content and Experience Cloud
  2. Integrate the Service
  3. Enable Cross-Origin Resource Sharing (CORS)

Enable Cross-Origin Resource Sharing (CORS)

To allow resource sharing between a browser application that integrates with Oracle Content and Experience Cloud but is hosted in a different domain, perform the following steps:

  1. After you sign in to the Oracle Content and Experience Cloud web application as an administrator, click Settings in the Administration area of the navigation menu.

  2. In the Settings menu, click Security.

  3. Under CORS (Cross-Origin Resource Sharing), enter the domains in the appropriate CORS origins text box in the format http[s]://domainname.com. Separate entries with a comma. For example, to enable CORS for an app on your server, enter a value similar to the following in both the Back Channel CORS Origins and Front Channel CORS Origins boxes:

    https://www.example.com/app

    If you use a custom domain URL, enter the custom URL as well.

  4. When you are done, click Save.

Do not use * as an origin value; it allows access from all hosts.

Security measures vary between different browsers and different browser versions. See http://www.w3.org/TR/UISecurity/.

The CORS settings apply to all Oracle Content and Experience Cloud calls (documents, social, and content as a service).