Domain
Last updated
Last updated
When using the website, access from unauthorized domains will be restricted. Therefore, all API access must be configured by setting the appropriate DNS records. The API also allows OneAuxilia to support session management and provide your users with the necessary tools to authenticate and manage their accounts.
In the production environment, you need to configure DNS records according to the following mechanism.
We adhere to security standards for protecting user data over the internet, granting session read access only through cookies. We strongly advise against cross-domain data access for the following reasons:
CSRF Attacks: Sharing cookies between domains can increase the risk of CSRF attacks if not properly secured.
Information Leakage: Cookies containing sensitive information may be accessed by untrusted domains."
In the production environment, you need to configure DNS records according to the following mechanism.