The OAuth server supports CORS. CORS is always enabled for some endpoints whereas others need explicit configuration to enable it.
The following endpoints support CORS without any configuration or setup:
These endpoints also do not require pre-flight checks.
The following endpoints can be configured to support CORS:
To enable CORS on these endpoints, refer to the CORS section of the system admin guide.