An endpoint represents a path or URL to one or more resources (APIs or services) of an application. When you set up cross-origin resource sharing (CORS) policies, you must map to an endpoint to specify which CORS policies apply to it. By doing so, you control access to application resources from other systems or websites.
Matching incoming requests to the appropriate policy is based on the request method and the origin header value, which the system compares to the allowed methods and allowed origins. The matched policy becomes the effective policy and is applied to the client interaction.
The length of the path that you specify determines the level at which you are effectively providing security.
Use the Endpoint-CORS policy mapping form (Designer Studio > Integration > Services > Endpoint-CORS Policy Mapping) to map an endpoint to one or more CORS policies or to review existing instances.
You must have valid security privileges (pzCanManageSecurityPolicies) to map endpoints to CORS policies.
Endpoint-CORS policy mappings are instances of the DATA-Admin-Security-CORSEndpoint class.
They are part of the Security category.