To protect the system against Server-Side Request Forgery, all outbound cross-domain calls must be whitelisted. Cross-domain calls can occur, for example, when your application uses the call-webservice part or when it links remote workspaces to local workspaces.
With LogicNets, you manage outbound API security on the Security tab in the System Configuration application.
To whitelist a URL, go to the System Configuration application and click the Security tab. Scroll down to the Outbound Webservice Security section and enter the universal resource identifier (URI) in the Approved Outbound Webservice-URIs table:
When you use the call web service part, the system can pass user profile access tokens with the outbound call. To safely allow this, you have to enable the sharing of sensitive information to cross-domains. Do this in the Approved Outbound Webservice-URIs table as well:
