diff --git a/src/main/java/com/basic/study/config/SecurityConfig.java b/src/main/java/com/basic/study/config/SecurityConfig.java
index 7291fbd..44454fc 100644
--- a/src/main/java/com/basic/study/config/SecurityConfig.java
+++ b/src/main/java/com/basic/study/config/SecurityConfig.java
@@ -1,5 +1,6 @@
 package com.basic.study.config;
 
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -13,6 +14,8 @@
 
 @Configuration
 public class SecurityConfig {
+    @Value("${web.port}")
+    private String port;
 
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
@@ -28,8 +31,9 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
-        configuration.setAllowedOrigins(List.of("*"));
+        configuration.setAllowedOrigins(List.of("http://localhost:" + port));
         configuration.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE"));
+        configuration.setAllowCredentials(true);
         configuration.setMaxAge(3600L);
 
         UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();