Configuring and Using the Domain Allowlist

The Retail Home REST services restrict access to clients being served by trusted hosts. This is accomplished using an allowlist of allowed domains. Domains that are not on the allowlist will result in requests being rejected and no CORS headers will be applied to responses. The domain allowlist is generated as part of the container configuration and is not configurable.