How to allow all the subdomain of my main domain for the API using CORS_WILDCARD?

[nikunjmishra1998]

problem description

I want to allow only all of the subdomain of my main domain to access my API using CORS_WILDCARD. So please guide me How can I achieve this?
and if I add CORS_WILDCARD then also API is accessible from Postman. I want to disable API hit from postman also using CORS_WILDCARD.

your instance configuration

No response

[wukko]

#780?

[wukko]

why make two of the same exact issue?

[nikunjmishra1998]

Please give me a way to achive it

[kampride9]

I would also like to implement this feature. Could you please provide the steps for this?