diff --git a/app/__init__.py b/app/__init__.py
index c99094c03cf308fdd2bfdf725c337f676991068a..ba0051d2d6f74af9babea278785ff11ffbefe5f3 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -7,6 +7,7 @@ import messages
 # third-party imports
 import uuid
 from flask import Flask, redirect, url_for, request, render_template, flash, session, send_from_directory
+from flask_cors import CORS
 from flask_bootstrap import Bootstrap
 import random
 import os
@@ -14,6 +15,7 @@ import json
 
 def create_app(config_name):
     app = Flask(__name__, static_folder='static') # initialization of the flask app
+    cors = CORS(app, resources={r"/*": {"origins": "https://testshib1.dev.rc.uab.edu/"}})
     Bootstrap(app) # allowing app to use bootstrap
 
     def get_authorized_user():
diff --git a/requirements.txt b/requirements.txt
index 482a9fe0ddfc26bcf7cf63c749938f4c36f18f73..f559c9a788deb2869a4651fa4d1b294c39af4a1e 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -7,6 +7,7 @@ Flask==1.1.1
 Flask-Bootstrap==3.3.7.1
 Flask-SocketIO==4.2.1
 Flask-Testing==0.7.1
+Flask-Cors==3.0.10
 gevent==1.4.0
 greenlet==0.4.15
 importlib-metadata==1.5.0
diff --git a/run.py b/run.py
index 226a79f1b715c91b6b87c044e298b5f4e3f42687..339a3ef6d7aa8997c7f4dd10d739ea54ea635b9c 100644
--- a/run.py
+++ b/run.py
@@ -14,7 +14,7 @@ monkey.patch_all(subprocess=True)
 config_name = os.getenv('FLASK_CONFIG')
 app = create_app(config_name)
 app.config['SECRET_KEY'] = vars.key
-socketio = SocketIO(app, message_queue= vars.message_queue)
+socketio = SocketIO(app, cors_allowed_origins="https://testshib1.dev.rc.uab.edu", message_queue=vars.message_queue)
 
 @socketio.on('join_room')
 def on_room(json):