# Dgraph.Allow-Origin
at the end of your GraphQL schema specifying the origins
allowed.
For example, the following restricts all origins except the ones specified.
/graphql
endpoint doesn’t limit the request origin
(Access-Control-Allow-Origin: *
).