diff --git a/pages/api/soknader/soknaderInnsending.ts b/pages/api/soknader/soknaderInnsending.ts
index d78c514..d9f2b7e 100644
--- a/pages/api/soknader/soknaderInnsending.ts
+++ b/pages/api/soknader/soknaderInnsending.ts
@@ -1,9 +1,25 @@
 import { beskyttetApi, getAccessTokenFromRequest } from '@navikt/aap-felles-utils';
 import { getSøknaderInnsending } from 'pages/api/soknader/soknader';
 
+const allowedOrigins = [
+  'https://www.intern.dev.nav.no',
+  'https://aap-mine-aap.intern.dev.nav.no',
+  'https://www.nav.no',
+];
+
 const handler = beskyttetApi(async (req, res) => {
   const accessToken = getAccessTokenFromRequest(req);
   const søknader = await getSøknaderInnsending(accessToken);
+  if (req.headers.origin) {
+    res.setHeader('Access-Control-Allow-Credentials', 'true');
+    res.setHeader('Access-Control-Allow-Origin', allowedOrigins.includes(req.headers.origin) ? req.headers.origin : '');
+    res.setHeader('Access-Control-Allow-Methods', 'GET,OPTIONS,PATCH,DELETE,POST,PUT');
+    res.setHeader(
+      'Access-Control-Allow-Headers',
+      'X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version'
+    );
+  }
+
   res.status(200).json(søknader);
 });