diff --git a/PizzaExpress/Program.cs b/PizzaExpress/Program.cs
index bac0cee..50ce49a 100644
--- a/PizzaExpress/Program.cs
+++ b/PizzaExpress/Program.cs
@@ -10,15 +10,14 @@ namespace PizzaExpress
             var MyAllowSpecificOrigins = "_myAllowSpecificOrigins";
             var builder = WebApplication.CreateBuilder(args);
 
-            var allowedOrigins = builder.Configuration.GetSection("AllowedOrigins").Get<string[]>();
+            var allowedOrigins = builder.Configuration.GetSection("Cors:AllowedOrigins").Get<string[]>();
 
             builder.Services.AddCors(options =>
             {
                 options.AddPolicy(name: MyAllowSpecificOrigins,
                                   policy =>
                                   {
-                                      policy.WithOrigins("http://127.0.0.1:5500",
-                                                          "http://localhost:5500")
+                                      policy.WithOrigins(allowedOrigins)
                                       .AllowAnyMethod()
                                       .AllowAnyHeader()
                                       .AllowCredentials();
diff --git a/PizzaExpress/appsettings.Development.json b/PizzaExpress/appsettings.Development.json
index ff66ba6..68c8e17 100644
--- a/PizzaExpress/appsettings.Development.json
+++ b/PizzaExpress/appsettings.Development.json
@@ -4,5 +4,11 @@
       "Default": "Information",
       "Microsoft.AspNetCore": "Warning"
     }
+  },
+  "Cors": {
+    "AllowedOrigins": [
+      "http://127.0.0.1:5500",
+      "http://localhost:5500"
+    ]
   }
 }