Skip to main content
Configure which domains are allowed to connect to your app through Phantom Portal. Allowed origins determine which domains your app can connect from. This security measure helps prevent unauthorized sites from impersonating your app.

Add allowed origins

  1. In Phantom Portal, go to URL config.
  2. Find the Allowed origins section.
  3. Enter your domain (for example, https://yourapp.com).
  4. Select Add.
  5. When you add URLs, a message “You have unsaved changes” will appear above the API section with Save or Cancel buttons.
  6. Click Save to confirm your changes.
URL configuration showing allowed origins

Formatting rules

  • Include the protocol: https:// for production, http:// only for localhost
  • Match the exact domain: No wildcards or paths such as /app or /dashboard.
EnvironmentFormat
Productionhttps://yourapp.com
Staginghttps://staging.yourapp.com
Local developmenthttp://localhost:3000

Typical configurations

Most apps use multiple environments. Add each one your app runs on so Phantom can connect correctly.
EnvironmentExample
Productionhttps://yourapp.com
Staginghttps://staging.yourapp.com
Local developmenthttp://localhost:3000

Need help?

Contact Phantom developer support.

Next steps

Complete your app profile with branding and details.

Verify your domain

Previous: Verify your domain

Edit app info

Next: Add your app information