Skip to main content

Settings and Security

App General Settings

From the Dashboard, click on an app then select the Settings tab.

Here you can:

  • Edit your app name and environment
  • View your subscription breakdown
  • Add or change your payment method
  • View details about your past invoices
  • Delete your app (clicking this button still requires additional confirmation to delete the app)
App Settings

App Security Settings

From the Dashboard, select the Settings tab, then click on Security on the left of the page.

App Security Settings - Edit Allowed Origins

Allowed Origins

To comply with our default CORS policy, you need to explicitly allow any domains that could be a part of a cross-origin request. We use Access-Control-Allow-Origin headers, populated by the Allowed Origins set here. You can add multiple domains, according to the needs of your app.

CORS

Cross-Origin Resource Sharing (CORS) is an HTTP header-based mechanism that allows a server to indicate any origin (domain, scheme, or port) other than its own from which a browser should permit the loading of resources.

CORS Request Example

info

For security reasons, browsers restrict cross-origin HTTP requests initiated from scripts.

An example of a cross-origin request:

CORS Error Example

CORS errors may occur when you're working with APIs. It's important to handle them effectively due to security reasons.

CORS Error Example
Access to fetch at 'https://solana--mainnet--rpc.datahub.figment.io/'
from origin 'http://localhost:3000' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check:
No 'Access-Control-Allow-Origin' header is present on the requested
resource. If an opaque response serves your needs, set the request's
mode to 'no-cors' to fetch the resource with CORS disabled.
caution

Although the error message says:

If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.

We recommend that you do not attempt to disable CORS when making requests via Figment endpoints.

Add Allowed Origin

  1. Navigate to your app's Security settings.
  2. In the Allowed Origins section, add a domain address that includes protocol (http, https, wss), hostname, and an optional port number. Example: http://localhost:3000 or https://appdomain.xyz or wss://uniswap.org.
  3. Click Save and save your changes to the Allowed Origins list. If you see errors upon saving you need to fix them first and click Save to revalidate and save your changes.

Delete Allowed Origin

  1. Navigate to your app's Security settings.
  2. In the Allowed Origins section, delete a domain address by clicking on the trashcan icon to the right of the URL.
  3. Click Save to save your changes to the Allowed Origins list.

Team Settings

Team Settings

Adding Collaborators

Clicking on Add Collaborator opens a modal view. Add the email address you are inviting to your team. There is a dropdown to select the role you want to assign them once they accept the invitation. Their status will show as Pending. Once the invite is accepted, the collaborator and their role will be visible in the list.

Team Settings - Add Collaborator

Deleting Collaborators

On the list of collaborators, select the one you want to delete. Click the three dots on the right side of their card to reveal the Delete action. Clicking it will immediately remove that collaborator from your app.

Team Settings - Remove Collaborator