CHANGELOG.md

 # Changelog
 
+## [1.1.0](https://gitlab.developers.cam.ac.uk/uis/devops/iam/activate-account/api/compare/1.0.0...1.1.0) (2025-02-19)
+
+### Features
+
+* add allowed recaptcha header ([c5e4774](https://gitlab.developers.cam.ac.uk/uis/devops/iam/activate-account/api/commit/c5e477451ba998c9c4c8f37a80e92a317b9be54d))
+
+### Bug Fixes
+
+* include cors app correctly ([3ca45ce](https://gitlab.developers.cam.ac.uk/uis/devops/iam/activate-account/api/commit/3ca45ce1cb8800928b434d29fef8f173dc22789d))
+
 ## [1.0.0](https://gitlab.developers.cam.ac.uk/uis/devops/iam/activate-account/api/compare/0.19.0...1.0.0) (2025-02-19)
 
 ### ⚠ BREAKING CHANGES

activate_account_project/settings/base.py

@@ -4,6 +4,7 @@ from datetime import timedelta
 
 import externalsettings
 import structlog
+from corsheaders.defaults import default_headers
 
 from api.versions import AVAILABLE_VERSIONS
 
@@ -72,6 +73,7 @@ INSTALLED_APPS = [
     "django_filters",
     "drf_spectacular",
     "rest_framework",
+    "corsheaders",
     "knox",
     "activate_account",
     "api",
@@ -230,6 +232,7 @@ SPECTACULAR_SETTINGS = {
 # Allow all origins to access API.
 CORS_URLS_REGEX = r"^.*$"
 CORS_ORIGIN_ALLOW_ALL = True
+CORS_ALLOW_HEADERS = (*default_headers, "X-Recaptcha-Token")
 
 SWAGGER_SETTINGS = {
     # Describe token authentication in swagger definition

pyproject.toml

 [tool.poetry]
 name = "activate_account"
-version = "1.0.0"
+version = "1.1.0"
 description = ""
 authors = [ ]
 readme = "README.md"