Securing Your App

Authorized Domains

Ensure your environment is always communicating with your app.

To enhance your security even more, each environment can only talk with an authorized origins that you set (allowlist).

Each of your environment, by default will have only 1 authorized domains: your environment host. For example:

https://<slug>.live.cakeauth.app

If you made a request from unauthorized origin, an API request will throws domains_not_authorized error.

Authorized a new Domain

If you haven't, setup your account first
Go to your environment Config sections
In the left sidebar, choose Domain.
In the top-right left, click New Domain
Insert your new domain (include the protocol), for example https://mydomain.com. Then click Create.

Revoke a Domain

Go to your environment Config sections
In the left sidebar, choose Domain.
Click the trash icon on the domain you want to revoke, and click Yes, Delete

Last updated on

Previous

Best Practices for Managing Private Key

Next

App Access Control

On this page

Authorized a new Domain Revoke a Domain