Access-Control-Allow-Origin "https://crm.atas.com/" Access-Control-Allow-Credentials: true Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT" Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token" Access-Control-Expose-Headers "Content-Security-Policy, Location" Access-Control-Allow-Private-Network: true Access-Control-Max-Age "600"