Configure beacon domain whitelist

Dynatrace enables you to specify from which domains RUM beacons will be accepted by OneAgent and ActiveGate. A domain is stored in the Origin header of each beacon request and, if accepted, is copied to the Access-Control-Allow-Origin header of the response. If a domain specified in a beacon request isn't part of the whitelist, the domain will be rejected and the beacon response will return the HTTP status code 403. When the whitelist is empty, beacons are accepted from all domains.

To specify from which domains RUM beacons should be accepted by OneAgent and ActiveGate, you need to define a rule.

  1. Navigate to Settings > Web & mobile monitoring > Advanced setup.
  2. Click Add rule.
  3. Provide the appropriate pattern for the domain you want to specify.
    beacon domain
  4. Click Add rule.
  5. Click Save changes.


  1. This feature requires OneAgent version 1.171+, ActiveGate version 1.171+, and Dynatrace version 1.172+.
  2. Be aware that once you enable the first rule, any applications that don't match the rule will no longer collect Real User Monitoring data. This is not only limited to applications that send RUM beacons via CORS requests, but also to applications that send regular requests.