You can add CORS and CSP directives to EmpowerID directly from the application itself. This frees you from needing to open and edit the EmpowerID web.config file on all your EmpowerID servers. Once you add your specific CORS and CSP directives in the Web UI, you simply restart the EmpowerID Web Role Windows Service to have those changes propagate to the web.config file.
Configure the settings
On the navbar, expand Single Sign-On > SSO Connections and select Security.
This directs you to the Find Security page, which contains two tabs, one for CORS and the other CSP.To add a URL to CORS, select the CORS tab and click the Add button on the grid header.
Enter the URL into the URL field and then click Save.
Repeat for other URLs as needed.
To add to the CSP directives, select the CSP tab and click the Name link for the directive you want to alter.
On the Directive Details view that appears, expand the Values accordion and then click the Add button on the grid header.
Enter the value in the in the Name field and click Save.
Repeat for other values as needed.
Once you have finished adding your values, open Services.msc and restart the EmpowerID Web Role Windows Service.