From b57cb264113d806ec3e158b122c79beb3365eae9 Mon Sep 17 00:00:00 2001
From: Rostislav Melkumyan <hello@rosti.no>
Date: Mon, 6 Jan 2025 14:30:40 +0100
Subject: [PATCH] feat(cli): allow credentials when adding CORS entry (#8191)

---
 packages/@sanity/cli/src/util/remoteTemplate.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/packages/@sanity/cli/src/util/remoteTemplate.ts b/packages/@sanity/cli/src/util/remoteTemplate.ts
index b42b153dbfc..992837060dc 100644
--- a/packages/@sanity/cli/src/util/remoteTemplate.ts
+++ b/packages/@sanity/cli/src/util/remoteTemplate.ts
@@ -301,7 +301,7 @@ export async function setCorsOrigin(
     await apiClient({api: {projectId}}).request({
       method: 'POST',
       url: '/cors',
-      body: {origin: origin, allowCredentials: false},
+      body: {origin: origin, allowCredentials: true}, // allowCredentials is true to allow for embedded studios if needed
     })
   } catch (error) {
     // Silent fail, it most likely means that the origin is already set