Invoking REST APIs in a domain different from the originating web page

IBM Security Identity Manager REST APIs support cross-origin resource sharing (CORS). CORS describes a mechanism for supporting requests that a web page sends to a server that is not in the same domain as the originating web page. You can configure CORS to control which origins can work with the IBM Security Identity Manager REST APIs.

About this task

You can modify a list of trusted domains that can access Identity Service Center REST APIs. Complete the steps.

Procedure

1. From the top-level menu of the Appliance Dashboard, select Configure > Advanced Configuration > Update Property.
2. On the Update Property page, click the All Properties tab.
3. Click the Identity server property files tab.
4. Select the rest.properties file to work with it.
5. Click New to add a property as ui.CORSOrigin. For more information, see Managing the server properties.
6. In the ui.CORSOrigin property, set the trusted domains. You can add multiple domains that are separated by white space.

Results

The domains that are listed in the ui.CORSOrigin property can only access the IBM Security Identity Manager REST APIs.

Parent topic: REST APIs