diff --git a/rsconcept/backend/project/settings.py b/rsconcept/backend/project/settings.py
index ae6c1a8e..11a3d5fb 100644
--- a/rsconcept/backend/project/settings.py
+++ b/rsconcept/backend/project/settings.py
@@ -67,6 +67,7 @@ REST_FRAMEWORK = {
 # CORS_ORIGIN_ALLOW_ALL = True
 CORS_ALLOW_CREDENTIALS = True
 CORS_ALLOWED_ORIGINS = os.environ.get('CORS_ALLOWED_ORIGINS', 'http://localhost:3000').split(';')
+CSRF_TRUSTED_ORIGINS = os.environ.get('CSRF_TRUSTED_ORIGINS', 'http://localhost:3000').split(';')
 # CSRF_COOKIE_NAME = 'csrftoken'
 # CSRF_HEADER_NAME = 'HTTP_X_CSRFTOKEN'