# Dev uses the Vite proxy (see vite.config.js), so these are SAME-ORIGIN relative paths. # The proxy forwards them to the Spring Boot backend, so the browser never makes a # cross-origin request and CORS is avoided entirely in development. VITE_AUTH_SERVICE_URL=/auth-service VITE_OPR_API_URL=/opr-rest-api VITE_CRM_API_URL=/crm-rest-api # --- If you ever call the backend DIRECTLY (no proxy), use absolute URLs instead and # --- configure CORS on the backend (allowCredentials=true + explicit origin, never "*"): # VITE_AUTH_SERVICE_URL=http://localhost:8080/auth-service # VITE_OPR_API_URL=http://localhost:8080/opr-service