diff --git a/basyx.aasenvironment/basyx.aasenvironment-http/src/main/java/org/eclipse/digitaltwin/basyx/aasenvironment/http/AASEnvironmentConfiguration.java b/basyx.aasenvironment/basyx.aasenvironment-http/src/main/java/org/eclipse/digitaltwin/basyx/aasenvironment/http/AASEnvironmentConfiguration.java
new file mode 100644
index 000000000..368885027
--- /dev/null
+++ b/basyx.aasenvironment/basyx.aasenvironment-http/src/main/java/org/eclipse/digitaltwin/basyx/aasenvironment/http/AASEnvironmentConfiguration.java
@@ -0,0 +1,45 @@
+/*******************************************************************************
+ * Copyright (C) 2023 the Eclipse BaSyx Authors
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ * 
+ * SPDX-License-Identifier: MIT
+ ******************************************************************************/
+
+
+package org.eclipse.digitaltwin.basyx.aasenvironment.http;
+
+import org.eclipse.digitaltwin.basyx.http.CorsPathPatternProvider;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 
+ * @author schnicke
+ *
+ */
+@Configuration
+public class AASEnvironmentConfiguration {
+
+	@Bean
+	public CorsPathPatternProvider getAASEnvironmentRepoCorsUrlProvider() {
+		return new CorsPathPatternProvider("/serialization");
+	}
+}
diff --git a/basyx.aasenvironment/basyx.aasenvironment.component/src/main/resources/application.properties b/basyx.aasenvironment/basyx.aasenvironment.component/src/main/resources/application.properties
index db87379de..0b53cd99b 100644
--- a/basyx.aasenvironment/basyx.aasenvironment.component/src/main/resources/application.properties
+++ b/basyx.aasenvironment/basyx.aasenvironment.component/src/main/resources/application.properties
@@ -17,56 +17,7 @@ basyx.backend = InMemory
 # mqtt.hostname = localhost
 # mqtt.port = 1883
 
-# Base Path for Spring Boot Actuator
-management.endpoints.web.base-path=/
-
-####################################################################################
-# Cross-Site Resource Sharing (CORS);
-####################################################################################
-# Comma-separated list of origins to allow. '*' allows all origins. When credentials
-# are allowed, '*' cannot be used and origin patterns should be configured instead.
-# When no allowed origins or allowed origin patterns are set, CORS support is
-# disabled.
-#
-# management.endpoints.web.cors.allowed-origins=https://example.com
-#
-####################################################################################
-# Comma-separated list of origin patterns to allow. Unlike allowed origins which only
-# supports '*', origin patterns are more flexible (for example
-# 'https://*.example.com') and can be used when credentials are allowed. When no
-# allowed origin patterns or allowed origins are set, CORS support is disabled.
-#
-# management.endpoints.web.cors.allowed-origin-patterns=https://*.example.com
-#
-####################################################################################
-# Comma-separated list of methods to allow. '*' allows all methods. When not set,
-# defaults to GET.
-#
-# management.endpoints.web.cors.allowed-methods=
-#
-####################################################################################
-# Comma-separated list of headers to allow in a request. '*' allows all headers.
-#
-# management.endpoints.web.cors.allowed-headers=
-#
-####################################################################################
-# Comma-separated list of headers to include in a response.
-#
-# management.endpoints.web.cors.exposed-headers=
-#
-####################################################################################
-# Boolean; Whether credentials are supported. When not set, credentials are not supported.
-#
-# management.endpoints.web.cors.allow-credentials=
-#
-####################################################################################
-# Number; How long in seconds the response from a pre-flight request can be cached
-# by clients.
-#
-# management.endpoints.web.cors.max-age=
-#
-####################################################################################
-
+# basyx.cors.allowed-origins=http://localhost:3000, http://localhost:4000
 
 ####################################################################################
 # Preconfiguring the Environment;
diff --git a/basyx.aasrepository/basyx.aasrepository-http/src/main/java/org/eclipse/digitaltwin/basyx/aasrepository/http/AasRepoConfiguration.java b/basyx.aasrepository/basyx.aasrepository-http/src/main/java/org/eclipse/digitaltwin/basyx/aasrepository/http/AasRepoConfiguration.java
new file mode 100644
index 000000000..8b8f2508c
--- /dev/null
+++ b/basyx.aasrepository/basyx.aasrepository-http/src/main/java/org/eclipse/digitaltwin/basyx/aasrepository/http/AasRepoConfiguration.java
@@ -0,0 +1,45 @@
+/*******************************************************************************
+ * Copyright (C) 2023 the Eclipse BaSyx Authors
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ * 
+ * SPDX-License-Identifier: MIT
+ ******************************************************************************/
+
+
+package org.eclipse.digitaltwin.basyx.aasrepository.http;
+
+import org.eclipse.digitaltwin.basyx.http.CorsPathPatternProvider;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 
+ * @author schnicke
+ *
+ */
+@Configuration
+public class AasRepoConfiguration {
+
+	@Bean
+	public CorsPathPatternProvider getAasRepoCorsUrlProvider() {
+		return new CorsPathPatternProvider("/shells/**");
+	}
+}
diff --git a/basyx.aasrepository/basyx.aasrepository.component/src/main/resources/application.properties b/basyx.aasrepository/basyx.aasrepository.component/src/main/resources/application.properties
index f631808ab..4e939095a 100644
--- a/basyx.aasrepository/basyx.aasrepository.component/src/main/resources/application.properties
+++ b/basyx.aasrepository/basyx.aasrepository.component/src/main/resources/application.properties
@@ -1,4 +1,5 @@
 server.port=8081
+server.error.path=/error
 
 spring.application.name=AAS Repository
 basyx.aasrepo.name=aas-repo
@@ -19,57 +20,4 @@ basyx.backend = InMemory
 # mqtt.hostname = localhost
 # mqtt.port = 1883
 
-
-server.error.path=/error
-
-
-# Base Path for Spring Boot Actuator
-management.endpoints.web.base-path=/
-
-####################################################################################
-# Cross-Site Resource Sharing (CORS);
-# As seen on https://docs.spring.io/spring-boot/docs/current/reference/html/actuator.html#actuator.endpoints.cors
-####################################################################################
-# Comma-separated list of origins to allow. '*' allows all origins. When credentials
-# are allowed, '*' cannot be used and origin patterns should be configured instead.
-# When no allowed origins or allowed origin patterns are set, CORS support is
-# disabled.
-#
-# management.endpoints.web.cors.allowed-origins=https://example.com
-#
-####################################################################################
-# Comma-separated list of origin patterns to allow. Unlike allowed origins which only
-# supports '*', origin patterns are more flexible (for example
-# 'https://*.example.com') and can be used when credentials are allowed. When no
-# allowed origin patterns or allowed origins are set, CORS support is disabled.
-#
-# management.endpoints.web.cors.allowed-origin-patterns=https://*.example.com
-#
-####################################################################################
-# Comma-separated list of methods to allow. '*' allows all methods. When not set,
-# defaults to GET.
-#
-# management.endpoints.web.cors.allowed-methods=
-#
-####################################################################################
-# Comma-separated list of headers to allow in a request. '*' allows all headers.
-#
-# management.endpoints.web.cors.allowed-headers=
-#
-####################################################################################
-# Comma-separated list of headers to include in a response.
-#
-# management.endpoints.web.cors.exposed-headers=
-#
-####################################################################################
-# Boolean; Whether credentials are supported. When not set, credentials are not supported.
-#
-# management.endpoints.web.cors.allow-credentials=
-#
-####################################################################################
-# Number; How long in seconds the response from a pre-flight request can be cached
-# by clients.
-#
-# management.endpoints.web.cors.max-age=
-#
-####################################################################################
+# basyx.cors.allowed-origins=http://localhost:3000, http://localhost:4000
\ No newline at end of file
diff --git a/basyx.common/basyx.http/src/main/java/org/eclipse/digitaltwin/basyx/http/BaSyxHTTPConfiguration.java b/basyx.common/basyx.http/src/main/java/org/eclipse/digitaltwin/basyx/http/BaSyxHTTPConfiguration.java
index e92a42bb1..47ce81303 100644
--- a/basyx.common/basyx.http/src/main/java/org/eclipse/digitaltwin/basyx/http/BaSyxHTTPConfiguration.java
+++ b/basyx.common/basyx.http/src/main/java/org/eclipse/digitaltwin/basyx/http/BaSyxHTTPConfiguration.java
@@ -26,11 +26,17 @@
 
 package org.eclipse.digitaltwin.basyx.http;
 
+import java.util.Arrays;
 import java.util.List;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.converter.json.Jackson2ObjectMapperBuilder;
+import org.springframework.web.servlet.config.annotation.CorsRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 import com.fasterxml.jackson.annotation.JsonInclude;
 
@@ -43,6 +49,7 @@
  */
 @Configuration
 public class BaSyxHTTPConfiguration {
+	Logger logger = LoggerFactory.getLogger(BaSyxHTTPConfiguration.class);
 
 	/**
 	 * Returns a Jackson2ObjectMapperBuilder that is configured using the passed
@@ -61,4 +68,35 @@ public Jackson2ObjectMapperBuilder jackson2ObjectMapperBuilder(List<Serializatio
 		
 		return builder;
 	}
+
+	/**
+	 * Collects a list of {@link CorsPathPatternProvider} and uses them to configure
+	 * CORS for the passed pathPatterns
+	 * 
+	 * @param configurationUrlProviders
+	 * @param allowedOrigins
+	 * @return
+	 */
+	@Bean
+	public WebMvcConfigurer corsConfigurer(List<CorsPathPatternProvider> configurationUrlProviders, @Value("${basyx.cors.allowed-origins:}") String[] allowedOrigins) {
+		return new WebMvcConfigurer() {
+			@Override
+			public void addCorsMappings(CorsRegistry registry) {
+				if (allowedOrigins.length == 0)
+					return;
+
+				logger.info("---- Configuring CORS ----");
+
+				for (CorsPathPatternProvider provider : configurationUrlProviders) {
+					configureOrigins(allowedOrigins, registry, provider.getPathPattern());
+				}
+			}
+
+			private void configureOrigins(String[] allowedOrigins, CorsRegistry registry, String pathPattern) {
+				logger.info(pathPattern + " configured with allowedOriginPatterns " + Arrays.toString(allowedOrigins));
+
+				registry.addMapping(pathPattern).allowedOriginPatterns(allowedOrigins);
+			}
+		};
+	}
 }
diff --git a/basyx.common/basyx.http/src/main/java/org/eclipse/digitaltwin/basyx/http/CorsPathPatternProvider.java b/basyx.common/basyx.http/src/main/java/org/eclipse/digitaltwin/basyx/http/CorsPathPatternProvider.java
new file mode 100644
index 000000000..a1150493f
--- /dev/null
+++ b/basyx.common/basyx.http/src/main/java/org/eclipse/digitaltwin/basyx/http/CorsPathPatternProvider.java
@@ -0,0 +1,46 @@
+/*******************************************************************************
+ * Copyright (C) 2023 the Eclipse BaSyx Authors
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ * 
+ * SPDX-License-Identifier: MIT
+ ******************************************************************************/
+
+
+package org.eclipse.digitaltwin.basyx.http;
+
+/**
+ * Enables components to publish their used pathPatterns for CORS configuration
+ * 
+ * @author schnicke
+ *
+ */
+public class CorsPathPatternProvider {
+	private String pathPattern;
+
+	public CorsPathPatternProvider(String pathPattern) {
+		this.pathPattern = pathPattern;
+	}
+
+	public String getPathPattern() {
+		return pathPattern;
+	}
+
+}
diff --git a/basyx.conceptdescriptionrepository/basyx.conceptdescriptionrepository-http/src/main/java/org/eclipse/digitaltwin/basyx/conceptdescriptionrepository/http/ConceptDescriptionRepoConfiguration.java b/basyx.conceptdescriptionrepository/basyx.conceptdescriptionrepository-http/src/main/java/org/eclipse/digitaltwin/basyx/conceptdescriptionrepository/http/ConceptDescriptionRepoConfiguration.java
new file mode 100644
index 000000000..0c28e28d5
--- /dev/null
+++ b/basyx.conceptdescriptionrepository/basyx.conceptdescriptionrepository-http/src/main/java/org/eclipse/digitaltwin/basyx/conceptdescriptionrepository/http/ConceptDescriptionRepoConfiguration.java
@@ -0,0 +1,45 @@
+/*******************************************************************************
+ * Copyright (C) 2023 the Eclipse BaSyx Authors
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ * 
+ * SPDX-License-Identifier: MIT
+ ******************************************************************************/
+
+
+package org.eclipse.digitaltwin.basyx.conceptdescriptionrepository.http;
+
+import org.eclipse.digitaltwin.basyx.http.CorsPathPatternProvider;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 
+ * @author schnicke
+ *
+ */
+@Configuration
+public class ConceptDescriptionRepoConfiguration {
+
+	@Bean
+	public CorsPathPatternProvider getConceptDescriptionRepoCorsUrlProvider() {
+		return new CorsPathPatternProvider("/concept-descriptions/**");
+	}
+}
diff --git a/basyx.conceptdescriptionrepository/basyx.conceptdescriptionrepository.component/src/main/resources/application.properties b/basyx.conceptdescriptionrepository/basyx.conceptdescriptionrepository.component/src/main/resources/application.properties
index f2f97de04..d0e0d7448 100644
--- a/basyx.conceptdescriptionrepository/basyx.conceptdescriptionrepository.component/src/main/resources/application.properties
+++ b/basyx.conceptdescriptionrepository/basyx.conceptdescriptionrepository.component/src/main/resources/application.properties
@@ -16,53 +16,4 @@ basyx.backend = InMemory
 #alternative
 #spring.data.mongodb.uri=mongodb://mongoAdmin:mongoPassword@localhost:27017/?authMechanism=DEFAULT
 
-# Base Path for Spring Boot Actuator
-management.endpoints.web.base-path=/
-
-####################################################################################
-# Cross-Site Resource Sharing (CORS);
-# As seen on https://docs.spring.io/spring-boot/docs/current/reference/html/actuator.html#actuator.endpoints.cors
-####################################################################################
-# Comma-separated list of origins to allow. '*' allows all origins. When credentials
-# are allowed, '*' cannot be used and origin patterns should be configured instead.
-# When no allowed origins or allowed origin patterns are set, CORS support is
-# disabled.
-#
-# management.endpoints.web.cors.allowed-origins=https://example.com
-#
-####################################################################################
-# Comma-separated list of origin patterns to allow. Unlike allowed origins which only
-# supports '*', origin patterns are more flexible (for example
-# 'https://*.example.com') and can be used when credentials are allowed. When no
-# allowed origin patterns or allowed origins are set, CORS support is disabled.
-#
-# management.endpoints.web.cors.allowed-origin-patterns=https://*.example.com
-#
-####################################################################################
-# Comma-separated list of methods to allow. '*' allows all methods. When not set,
-# defaults to GET.
-#
-# management.endpoints.web.cors.allowed-methods=
-#
-####################################################################################
-# Comma-separated list of headers to allow in a request. '*' allows all headers.
-#
-# management.endpoints.web.cors.allowed-headers=
-#
-####################################################################################
-# Comma-separated list of headers to include in a response.
-#
-# management.endpoints.web.cors.exposed-headers=
-#
-####################################################################################
-# Boolean; Whether credentials are supported. When not set, credentials are not supported.
-#
-# management.endpoints.web.cors.allow-credentials=
-#
-####################################################################################
-# Number; How long in seconds the response from a pre-flight request can be cached
-# by clients.
-#
-# management.endpoints.web.cors.max-age=
-#
-####################################################################################
+# basyx.cors.allowed-origins=http://localhost:3000, http://localhost:4000
\ No newline at end of file
diff --git a/basyx.submodelrepository/basyx.submodelrepository-http/src/main/java/org/eclipse/digitaltwin/basyx/submodelrepository/http/SubmodelRepoConfiguration.java b/basyx.submodelrepository/basyx.submodelrepository-http/src/main/java/org/eclipse/digitaltwin/basyx/submodelrepository/http/SubmodelRepoConfiguration.java
new file mode 100644
index 000000000..6b72efb9c
--- /dev/null
+++ b/basyx.submodelrepository/basyx.submodelrepository-http/src/main/java/org/eclipse/digitaltwin/basyx/submodelrepository/http/SubmodelRepoConfiguration.java
@@ -0,0 +1,45 @@
+/*******************************************************************************
+ * Copyright (C) 2023 the Eclipse BaSyx Authors
+ * 
+ * Permission is hereby granted, free of charge, to any person obtaining
+ * a copy of this software and associated documentation files (the
+ * "Software"), to deal in the Software without restriction, including
+ * without limitation the rights to use, copy, modify, merge, publish,
+ * distribute, sublicense, and/or sell copies of the Software, and to
+ * permit persons to whom the Software is furnished to do so, subject to
+ * the following conditions:
+ * 
+ * The above copyright notice and this permission notice shall be
+ * included in all copies or substantial portions of the Software.
+ * 
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+ * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+ * OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+ * WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+ * 
+ * SPDX-License-Identifier: MIT
+ ******************************************************************************/
+
+
+package org.eclipse.digitaltwin.basyx.submodelrepository.http;
+
+import org.eclipse.digitaltwin.basyx.http.CorsPathPatternProvider;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+/**
+ * 
+ * @author schnicke
+ *
+ */
+@Configuration
+public class SubmodelRepoConfiguration {
+
+	@Bean
+	public CorsPathPatternProvider getSubmodelRepoCorsUrlProvider() {
+		return new CorsPathPatternProvider("/submodels/**");
+	}
+}
diff --git a/basyx.submodelrepository/basyx.submodelrepository.component/src/main/resources/application.properties b/basyx.submodelrepository/basyx.submodelrepository.component/src/main/resources/application.properties
index 019cfdb9c..cbbabfbc1 100644
--- a/basyx.submodelrepository/basyx.submodelrepository.component/src/main/resources/application.properties
+++ b/basyx.submodelrepository/basyx.submodelrepository.component/src/main/resources/application.properties
@@ -18,53 +18,4 @@ basyx.backend = InMemory
 # mqtt.hostname = localhost
 # mqtt.port = 1883
 
-# Base Path for Spring Boot Actuator
-management.endpoints.web.base-path=/
-
-####################################################################################
-# Cross-Site Resource Sharing (CORS);
-# As seen on https://docs.spring.io/spring-boot/docs/current/reference/html/actuator.html#actuator.endpoints.cors
-####################################################################################
-# Comma-separated list of origins to allow. '*' allows all origins. When credentials
-# are allowed, '*' cannot be used and origin patterns should be configured instead.
-# When no allowed origins or allowed origin patterns are set, CORS support is
-# disabled.
-#
-# management.endpoints.web.cors.allowed-origins=https://example.com
-#
-####################################################################################
-# Comma-separated list of origin patterns to allow. Unlike allowed origins which only
-# supports '*', origin patterns are more flexible (for example
-# 'https://*.example.com') and can be used when credentials are allowed. When no
-# allowed origin patterns or allowed origins are set, CORS support is disabled.
-#
-# management.endpoints.web.cors.allowed-origin-patterns=https://*.example.com
-#
-####################################################################################
-# Comma-separated list of methods to allow. '*' allows all methods. When not set,
-# defaults to GET.
-#
-# management.endpoints.web.cors.allowed-methods=
-#
-####################################################################################
-# Comma-separated list of headers to allow in a request. '*' allows all headers.
-#
-# management.endpoints.web.cors.allowed-headers=
-#
-####################################################################################
-# Comma-separated list of headers to include in a response.
-#
-# management.endpoints.web.cors.exposed-headers=
-#
-####################################################################################
-# Boolean; Whether credentials are supported. When not set, credentials are not supported.
-#
-# management.endpoints.web.cors.allow-credentials=
-#
-####################################################################################
-# Number; How long in seconds the response from a pre-flight request can be cached
-# by clients.
-#
-# management.endpoints.web.cors.max-age=
-#
-####################################################################################
+# basyx.cors.allowed-origins=http://localhost:3000, http://localhost:4000
\ No newline at end of file
diff --git a/docs/Management_Endpoint.md b/docs/Management_Endpoint.md
new file mode 100644
index 000000000..496cdc85c
--- /dev/null
+++ b/docs/Management_Endpoint.md
@@ -0,0 +1,39 @@
+# Configuring the Spring Management Endpoint
+The Spring Management Endpoint (including the health endpoint) options can be configured under [application.properties](./basyx.aasrepository.component/src/main/resources/application.properties) with the following attributes: (As seen on https://docs.spring.io/spring-boot/docs/current/reference/html/actuator.html#actuator.endpoints.cors)
+
+* Allowed Origins:<br>
+Comma-separated list of origin patterns to allow. Unlike allowed origins which only supports '*', origin patterns are more flexible (for example 'https://*.example.com') and can be used when credentials are allowed. When no allowed origin patterns or allowed origins are set, CORS support is disabled.
+  ```
+  management.endpoints.web.cors.allowed-origins=https://example.com
+  ```
+* Allowed Origin Patterns:<br>
+Comma-separated list of origin patterns to allow. Unlike allowed origins which only supports '*', origin patterns are more flexible (for example 'https://*.example.com') and can be used when credentials are allowed. When no allowed origin patterns or allowed origins are set, CORS support is disabled.
+  ```
+  management.endpoints.web.cors.allowed-origin-patterns=https://*.example.com
+  ```
+* Allowed Methods:<br>
+Comma-separated list of methods to allow. '*' allows all methods. When not set, defaults to GET.
+  ```
+  management.endpoints.web.cors.allowed-methods=
+  ```
+* Allowed Headers:<br>
+Comma-separated list of headers to allow in a request. '*' allows all headers.
+  ```
+  management.endpoints.web.cors.allowed-headers=
+  ```
+* Exposed Headers:<br>
+Comma-separated list of headers to include in a response.
+  ```
+  management.endpoints.web.cors.exposed-headers=
+  ```
+
+* Allow Credentials: <br>
+Boolean, whether credentials are supported. When not set, credentials are not supported.
+  ```
+  management.endpoints.web.cors.allow-credentials=
+  ```
+* Max Age:<br>
+Number, how long in seconds the response from a pre-flight request can be cached by clients.
+  ```
+  management.endpoints.web.cors.max-age=
+  ```
diff --git a/docs/Readme.md b/docs/Readme.md
index a13acdfc4..5eceeabb5 100644
--- a/docs/Readme.md
+++ b/docs/Readme.md
@@ -11,45 +11,13 @@ offer common mechanisms to check the current health status of the application an
 The health endpoint to check whether the server is up and running is available at:
 
 	http://{host}:{port}/health
-
-For a configuration example, see [application.properties](basyx.aasrepository.component/src/main/resources/application.properties)
+For a detailed documentation on its configuration possibilities, see [Spring Management Endpoint](Management_Endpoint.md) documentation.
 
 ## CORS configuration
-Cross-Site Resource Sharing options can be configured under [application.properties](./basyx.aasrepository.component/src/main/resources/application.properties) with the following attributes: (As seen on https://docs.spring.io/spring-boot/docs/current/reference/html/actuator.html#actuator.endpoints.cors)
+Cross-Site Resource Sharing options can be configured under [application.properties](./basyx.aasrepository.component/src/main/resources/application.properties) with the following attribute:
 
-* Allowed Origins:<br>
-Comma-separated list of origin patterns to allow. Unlike allowed origins which only supports '*', origin patterns are more flexible (for example 'https://*.example.com') and can be used when credentials are allowed. When no allowed origin patterns or allowed origins are set, CORS support is disabled.
-  ```
-  management.endpoints.web.cors.allowed-origins=https://example.com
-  ```
 * Allowed Origin Patterns:<br>
 Comma-separated list of origin patterns to allow. Unlike allowed origins which only supports '*', origin patterns are more flexible (for example 'https://*.example.com') and can be used when credentials are allowed. When no allowed origin patterns or allowed origins are set, CORS support is disabled.
   ```
-  management.endpoints.web.cors.allowed-origin-patterns=https://*.example.com
-  ```
-* Allowed Methods:<br>
-Comma-separated list of methods to allow. '*' allows all methods. When not set, defaults to GET.
-  ```
-  management.endpoints.web.cors.allowed-methods=
-  ```
-* Allowed Headers:<br>
-Comma-separated list of headers to allow in a request. '*' allows all headers.
-  ```
-  management.endpoints.web.cors.allowed-headers=
-  ```
-* Exposed Headers:<br>
-Comma-separated list of headers to include in a response.
-  ```
-  management.endpoints.web.cors.exposed-headers=
-  ```
-
-* Allow Credentials: <br>
-Boolean, whether credentials are supported. When not set, credentials are not supported.
-  ```
-  management.endpoints.web.cors.allow-credentials=
-  ```
-* Max Age:<br>
-Number, how long in seconds the response from a pre-flight request can be cached by clients.
-  ```
-  management.endpoints.web.cors.max-age=
+  basyx.cors.allowed-origins=http://localhost:8080=https://*.example.com
   ```