umbraco · eshanrnh · Oct 31, 2025 · Oct 30, 2025 · Oct 31, 2025
diff --git a/16/umbraco-cms/reference/configuration/securitysettings.md b/16/umbraco-cms/reference/configuration/securitysettings.md
@@ -20,6 +20,7 @@ A full configuration with all default values can be seen here:
       "UsernameIsEmail": true,
       "MemberRequireUniqueEmail": true,
       "AllowedUserNameCharacters": "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-._@+\\",
+      "BackOfficeHost": "http://your-domain.com",
       "UserPassword": {
         "RequiredLength": 10,
         "RequireNonLetterOrDigit": false,
@@ -84,6 +85,10 @@ By default Umbraco will not allow creation of more than one member account with
 
 Defines the allowed characters for a username.
 
+### BackOffice Host
+
+Use this setting to override the Backoffice host URL. This is useful when the Backoffice client runs from a different origin than the Umbraco server. For example, in proxied, cloud-hosted setups, or when developing locally using Vite or another dev server.
+
 ### User default lockout time
 
 Use this setting to configure how long time a User is locked out of the Umbraco backoffice when a lockout occurs. The setting accepts an integer which defines the lockout in minutes.