One of environment variable SECURITY_ORIGIN in OHDSI/WebAPI is related to CORS was designed for static value to reach address of its WebAPI from ATLAS. (as code below)
The default value is pointing directly to localhost or 127.0.0.1 for single machine working purpose and will occur an error when using another machine in the network, to fix this problem the value of SECURITY_ORIGIN should be "the actual IP address of WebAPI host machine" but this limitation would not possible when host machine cannot be assigned with dedicate IP address, or have to re-obtain DHCP every fixed period of time.
Note: Screenshot from non-host machine when test with same LAN network with host machine.
Current approach would be disable SECURITY_CORS_ENABLED but may not recommended.
One of environment variable
SECURITY_ORIGIN
in OHDSI/WebAPI is related to CORS was designed for static value to reach address of its WebAPI from ATLAS. (as code below)https://github.com/sidataplus/omop-core/blob/a39556cd3f0e8f00c424050303acfb124dbf19ca/container/module/OHDSI/WebAPI/WebAPI-compose.yaml#L56C7-L58C47
The default value is pointing directly to
localhost
or127.0.0.1
for single machine working purpose and will occur an error when using another machine in the network, to fix this problem the value ofSECURITY_ORIGIN
should be "the actual IP address of WebAPI host machine" but this limitation would not possible when host machine cannot be assigned with dedicate IP address, or have to re-obtain DHCP every fixed period of time.Note: Screenshot from non-host machine when test with same LAN network with host machine.
Current approach would be disable
SECURITY_CORS_ENABLED
but may not recommended.