CORS (Cross-Origin Resource Sharing) is a security mechanism that controls which domains can access your API. Browsers block cross-origin requests by default. Configure your server to allow specific origins.