diff --git a/.env.sample b/.env.sample
index 9a186f4f..85556eda 100644
--- a/.env.sample
+++ b/.env.sample
@@ -17,4 +17,5 @@ GITHUB_SECRET="<insert>"
 OAUTH_PROVIDERS="github"
 SECRET_KEY="<insert>"
 NAMESPACE="default"
-stdnfsPvc="stdnfs"
\ No newline at end of file
+stdnfsPvc="stdnfs"
+CSRF_DOMAINS="https://*.remci.org"
\ No newline at end of file
diff --git a/appstore/appstore/settings/base.py b/appstore/appstore/settings/base.py
index 0f5e6d34..20472dde 100644
--- a/appstore/appstore/settings/base.py
+++ b/appstore/appstore/settings/base.py
@@ -344,10 +344,13 @@
     },
 }
 
-CSRF_TRUSTED_ORIGINS = [
-        "https://*.renci.org",
-        "https://*.renci.unc.edu"
-    ]
+CSRF_TRUSTED_ORIGINS = os.environ.get("CSRF_DOMAINS", "").split(",")
+print(CSRF_TRUSTED_ORIGINS)
+if CSRF_TRUSTED_ORIGINS == 0:
+    CSRF_TRUSTED_ORIGINS = [
+            "https://*.renci.org",
+            "https://*.renci.unc.edu"
+        ]
 
 # All debug settings
 if DEBUG and DEV_PHASE in ("local", "stub", "dev"):