Domain Whitelisting

Learn how to restrict access to your RPC endpoints to requests originating from specific domains.


Domain whitelisting enables you to restrict access to your RPC endpoints to requests originating from specific domains. This ensures that only your application or approved third-party services can interact with your endpoints.

Important Considerations:

  • Requests lacking an Origin header will be denied if domain whitelisting is enabled. Origin headers are typically included in requests made by browsers, but not in requests made by server-side applications.
  • Wildcard domains are supported. Although, if you whitelist *.example.com, it will not whitelist example.com. You will need to whitelist example.com separately.