Domain

Last updated 10 months ago

Access to the website from unauthorized domains is restricted, so all API access must be configured by setting the appropriate DNS records. The API also allows OneAuxilia to support session management and provide your users with the tools they need to authenticate and manage their accounts.

We adhere to security standards for protecting user data over the internet, granting session read access only through cookies. We strongly advise against cross-domain data access for the following reasons:

  • CSRF Attacks: Sharing cookies between domains can increase the risk of CSRF attacks if not properly secured.

  • Information Leakage: Cookies containing sensitive information may be accessed by untrusted domains.

In the production environment, you need to configure DNS records according to the following mechanism.

Access is not allowed
Accept access and share cookies through the root domain
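
To show why a session cookie shared through the root domain reaches your own subdomains but never an unrelated domain, the following added example (not OneAuxilia code) implements the domain-matching rule browsers apply to cookies under RFC 6265. All hostnames are constructed placeholders, and the function names are hypothetical.

```javascript
// Added example: RFC 6265 cookie domain matching (section 5.1.3).
// Hostnames are constructed placeholders, not OneAuxilia values.

// Lowercase and drop one leading dot, as browsers do for the Domain attribute.
function canonical(host) {
  return host.toLowerCase().replace(/^\./, "");
}

// True when requestHost is the cookie domain itself or a dot-separated subdomain.
function domainMatches(requestHost, cookieDomain) {
  const host = canonical(requestHost);
  const domain = canonical(cookieDomain);
  if (host === domain) return true;
  // IP literals only match exactly, never by suffix.
  if (/^[\d.]+$/.test(host) || host.includes(":")) return false;
  return host.endsWith("." + domain);
}

// A browser discards a Set-Cookie whose Domain does not cover the setting host.
function cookieAccepted(cookie) {
  return cookie.domain === null || domainMatches(cookie.setBy, cookie.domain);
}

// Would the browser attach this cookie to a request for requestHost?
// cookie = { setBy: host that set it, domain: Domain attribute or null }
function cookieSentTo(cookie, requestHost) {
  if (!cookieAccepted(cookie)) return false;
  if (cookie.domain === null) {
    // Host-only cookie: exact host match, subdomains excluded.
    return canonical(requestHost) === canonical(cookie.setBy);
  }
  return domainMatches(requestHost, cookie.domain);
}

// Constructed sample cookies.
const rootScoped = { setBy: "auth.example.com", domain: "example.com" };
const hostOnly = { setBy: "auth.example.com", domain: null };
const foreign = { setBy: "auth.example.com", domain: "other-site.test" };

// Hosts that would receive the given cookie, out of a constructed test list.
function recipients(cookie) {
  const hosts = ["example.com", "app.example.com", "auth.example.com",
                 "badexample.com", "example.com.attacker.test"];
  return hosts.filter((h) => cookieSentTo(cookie, h));
}

console.log("root-scoped:", recipients(rootScoped));
console.log("host-only:  ", recipients(hostOnly));
console.log("foreign:    ", recipients(foreign));
```

The look-alike hosts `badexample.com` and `example.com.attacker.test` are excluded because the match requires a dot boundary on the left and the cookie domain at the right-hand end of the host name.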