We want to change the default CORS whitelisting, which is currently set to the API Portal.

Can we change the whitelisting for individual APIs or is it only globally changeable?

Release : 4.3.1

Component : API PORTAL

Updating the whitelist globally is currently the only solution when using portal published API ,

you may want to raise an enhancement request on the community for a future release to have an option to this on a more granular base.