## ⚠️ Upcoming Change

On **16 June 2026**, we’ll be enabling CORS restrictions on the Signable public API.

This will prevent web browsers from making direct client-side requests to the API.

Our API is designed to be called from your server, not from browser-based JavaScript.

### What this means

If you’re currently making direct requests to the Signable API from frontend code (for example, using `fetch` or `axios` in the browser), those requests will be blocked once CORS restrictions are enabled.

You’ll need to move those requests to your server before this date.

### Why we’re doing this

Restricting browser-based access improves security and ensures API credentials are not exposed in client-side applications.

### Need help?

If you think this change might affect you, please contact support and we’ll be happy to help.