Our application is multi-tenant, we're handling users from a dynamic number of subdomains.

We would like to setup authorization for Mercure subscribers, but it seems that it not possible with current configuration.

We've tried: cors_origins https://*.example.com, but Access-Control-Allow-Origin header is not appearing in responses from Mercure.

What can we do to fix this issue?