This article explains if it is possible to increase the limit of Allowed Web Origins and Allowed Origins (CORS).

• Allowed Web Origins
• Allowed Origins (CORS)

For public cloud customers, both "Allowed Web Origins" and "Allowed Origins (CORS)" are limited to a maximum of 100 instances each. This limit cannot be increased.

The primary reason for enforcing these URL instance limits is to protect against latency issues. Granting limit increases would lead to performance issues.

There are two possible workarounds: 

1. Use multiple Auth0 tenants as an alternative.
2.  Consider partitioning customers and use the same client_id only for up to 100 of them.

For Private cloud customers, it may be possible to grant an exception to this rule. Open a support Case with the following information:

• Clearly describe the business and technical reasons for increasing the threshold of "Allowed Web Origins" and "Allowed Origins (CORS)" to be increased. 
• Provide the requested new upper limits and explain how this number was determined.