Configure beacon origins allowlist
You can use the beacon origins allowlist to specify the domains from which OneAgent and ActiveGate accept Real User Monitoring beacons. A domain is stored in the
Origin header of each beacon request.
- If the allowlist is empty, OneAgent and ActiveGate accept RUM beacons from any domain.
- If a domain is on the allowlist, a request from that domain is accepted. The domain is copied to the
Access-Control-Allow-Originheader of the response, and the beacon response returns the
200 OKHTTP status code.
- If a domain is not on the allowlist, requests from that domain will be rejected. The beacon will fail with the
403 Forbiddenstatus code and a message like "The value in the
Originheader is not allowed".
Create a beacon origin rule to specify from which domains RUM beacons should be accepted by OneAgent and ActiveGate.
Right after you add the first beacon origin rule, all applications that don't match that rule will stop collecting Real User Monitoring data. This applies not only to applications that send RUM beacons via CORS requests but also to applications that issue regular requests.
To add a beacon origin rule
In the Dynatrace menu, go to Settings > Web and mobile monitoring > Beacon origins for CORS.
Select Add item.
Provide the correct pattern for the domain you want to specify.
Select Save changes.
You can add up to 20 beacon origin rules per environment.