* Ember in UPS is firing AJAX request to REST Endpoints on the same domain. However, as it goes through Keycloak Auth Server, this is considered CORS request. I had to configure Web Origin for UPS application. This is confusing to me, Origin header should be transparent for Keycloak as I'm firing request to the same domain. Note this does not happen in Firefox, which identifies same domain and avoids Origin header. I need some insight here from more skilled people.