diff --git a/pkg/api/middleware.go b/pkg/api/middleware.go
index ef750f7..84c526b 100644
--- a/pkg/api/middleware.go
+++ b/pkg/api/middleware.go
@@ -80,7 +80,7 @@ func serveResult(result interface{}, err error, c *gin.Context) {
 func corsMiddleware() gin.HandlerFunc {
 	return func(c *gin.Context) {
 		c.Header("Access-Control-Allow-Methods", "GET, POST, OPTIONS")
-		c.Header("Access-Control-Allow-Origin", "*")
 		c.Header("Access-Control-Expose-Headers", "*")
+		c.Header("Access-Control-Allow-Origin", command.Opts.CorsOrigin)
 	}
 }
diff --git a/pkg/api/routes.go b/pkg/api/routes.go
index b8fea12..fac04af 100644
--- a/pkg/api/routes.go
+++ b/pkg/api/routes.go
@@ -10,7 +10,7 @@ func SetupMiddlewares(group *gin.RouterGroup) {
 		group.Use(requestInspectMiddleware())
 	}
 
-	if command.Opts.CORS {
+	if command.Opts.Cors {
 		group.Use(corsMiddleware())
 	}
 
diff --git a/pkg/command/options.go b/pkg/command/options.go
index deeaa25..f6ba211 100644
--- a/pkg/command/options.go
+++ b/pkg/command/options.go
@@ -36,7 +36,8 @@ type Options struct {
 	ConnectHeaders               string  `long:"connect-headers" description:"List of headers to pass to the connect backend"`
 	DisableConnectionIdleTimeout bool    `long:"no-idle-timeout" description:"Disable connection idle timeout" default:"false"`
 	ConnectionIdleTimeout        float64 `long:"idle-timeout" description:"Set connection idle timeout in minutes" default:"180"`
-	CORS                         bool    `long:"cors" description:"Enable Cross-Origin Resource Sharing (CORS)" default:"false"`
+	Cors                         bool    `long:"cors" description:"Enable Cross-Origin Resource Sharing (CORS)" default:"false"`
+	CorsOrigin                   string  `long:"cors-origin" description:"Allowed CORS origins" default:"*"`
 }
 
 var Opts Options