diff --git a/sso.js b/sso.js
index 5bb2c39..646d9c0 100644
--- a/sso.js
+++ b/sso.js
@@ -25,7 +25,16 @@ const signOptions = {
 const urlKeycloakToken = `${process.env.KC_URL}/realms/${process.env.KC_REALMS}/protocol/openid-connect/token`;
 
 const app = express();
-app.use(cors({ origin: '*', methods: 'GET,POST,PUT,DELETE' }));
+
+// Allow a specific origin and enable credentials
+const corsOptions = {
+  origin: 'http://localhost:3002', // Replace with your Vue app's URL
+  methods: 'GET,POST,PUT,DELETE',
+  credentials: true, // Enable cookies or Authorization headers
+};
+
+app.use(cors(corsOptions));
+
 app.use(express.urlencoded({ extended: true }));
 app.use(express.json());
 app.use(cookieParser());