Domain

The website restricts access from unauthorized domains, so all API access must be set up by configuring the appropriate DNS records. The API also lets OneAuxilia support session management and give your users the tools they need to authenticate and manage their accounts.

Access is not allowed

In the production environment, you need to configure DNS records according to the following mechanism.

We adhere to security standards for protecting user data over the internet, granting session read access only through cookies. We strongly advise against cross-domain data access for the following reasons:

  • CSRF Attacks: Sharing cookies between domains can increase the risk of CSRF attacks if not properly secured.

  • Information Leakage: Cookies containing sensitive information may be accessed by untrusted domains.
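To make the scoping difference concrete, the following added example (not OneAuxilia code) applies the RFC 6265 domain-matching rule to show which hosts a browser would send a session cookie to when it is host-only versus when it is shared through the root domain. The host names and function names are constructed for illustration.

```javascript
// Added example: RFC 6265 section 5.1.3 domain matching, used to show which
// hosts receive a session cookie. All host names below are constructed.

function isIpAddress(host) {
  return /^\d{1,3}(\.\d{1,3}){3}$/.test(host) || host.includes(":");
}

// A host matches a cookie domain if it is identical to it, or if it ends with
// "." + domain and is a host name rather than an IP address.
function domainMatches(host, cookieDomain) {
  const h = host.toLowerCase();
  const d = cookieDomain.toLowerCase().replace(/^\./, ""); // leading dot is ignored
  if (h === d) return true;
  return !isIpAddress(h) && h.endsWith("." + d);
}

// cookie: { setBy: host that set it, domain: Domain attribute or null }
function cookieSentTo(cookie, requestHost) {
  if (cookie.domain === null) {
    // No Domain attribute: host-only cookie, returned to the exact setter only.
    return requestHost.toLowerCase() === cookie.setBy.toLowerCase();
  }
  return domainMatches(requestHost, cookie.domain);
}

function recipients(cookie, hosts) {
  return hosts.filter((h) => cookieSentTo(cookie, h));
}

const HOSTS = [
  "example.com", "app.example.com", "api.example.com",
  "blog.example.com", "notexample.com", "example.com.other.test",
];

// Host-only session cookie versus one shared through the root domain.
const hostOnly = { setBy: "api.example.com", domain: null };
const rootShared = { setBy: "api.example.com", domain: "example.com" };

console.log("host-only  :", recipients(hostOnly, HOSTS));
console.log("root domain:", recipients(rootShared, HOSTS));
```

With the root-domain cookie, every subdomain in the list receives the session cookie, so each host under that root has to be trusted to the same degree as the application itself.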

Accept access and share cookies through the root domain

In the production environment, you need to configure DNS records according to the following mechanism.
