API → Security settings
Turn on CORS settings for authentication (if needed).
Enter all your addresses from which your are going to send requests (don't forget to add all the addresses, including
Choose the proper encryption for your passwords. Don't forget, that old user accounts will loose the access, the password refresh will be needed.