diff --git a/skyvern/config.py b/skyvern/config.py
index 1d67f94f9..8b01afc82 100644
--- a/skyvern/config.py
+++ b/skyvern/config.py
@@ -31,6 +31,7 @@ class Settings(BaseSettings):
     JSON_LOGGING: bool = False
     LOG_LEVEL: str = "INFO"
     PORT: int = 8000
+    ALLOWED_ORIGINS: list[str] = ["*"]
 
     # Secret key for JWT. Please generate your own secret key in production
     SECRET_KEY: str = "RX1NvhujcJqBPi8O78-7aSfJEWuT86-fll4CzKc_uek"
diff --git a/skyvern/forge/api_app.py b/skyvern/forge/api_app.py
index c51dbc21f..1c41e73bc 100644
--- a/skyvern/forge/api_app.py
+++ b/skyvern/forge/api_app.py
@@ -38,19 +38,9 @@ def get_agent_app(router: APIRouter = base_router) -> FastAPI:
     app = FastAPI()
 
     # Add CORS middleware
-    origins = [
-        "http://localhost:5000",
-        "http://127.0.0.1:5000",
-        "http://localhost:8000",
-        "http://127.0.0.1:8000",
-        "http://localhost:8080",
-        "http://127.0.0.1:8080",
-        # Add any other origins you want to whitelist
-    ]
-
     app.add_middleware(
         CORSMiddleware,
-        allow_origins=origins,
+        allow_origins=SettingsManager.get_settings().ALLOWED_ORIGINS,
         allow_credentials=True,
         allow_methods=["*"],
         allow_headers=["*"],