# List allowed HTTP origins

**GET /groups/{groupId}/apps/{appId}/security/allowed_request_origins**

List the allowed [HTTP
origins](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Origin)
from which App Services should allow requests.


## Servers
- The root API resource and starting point for the App Services API.: https://services.cloud.mongodb.com/api/admin/v3.0 (The root API resource and starting point for the App Services API.)


## Authentication methods
- Token auth


## Parameters

### Path parameters
- **groupId** (string)
  An Atlas [Project/Group
  ID](https://docs.atlas.mongodb.com/tutorial/manage-projects/).
- **appId** (string)
  The ObjectID of your application.
  [The App Services API Project and Application IDs section](#section/Project-and-Application-IDs) demonstrates how to find this
  value.



## Responses
### 200
Successfully listed.

#### Body: application/json (array[string])
array[string]

[Powered by Bump.sh](https://bump.sh)