diff --git a/opentdf-core-mode.yaml b/opentdf-core-mode.yaml
index 40aafc19d4..037b53494a 100644
--- a/opentdf-core-mode.yaml
+++ b/opentdf-core-mode.yaml
@@ -40,6 +40,7 @@ server:
 allowedheaders:
 - ACCEPT
 - Authorization
+ - Connect-Protocol-Version
 - Content-Type
 - X-CSRF-Token
 # List of response headers that browsers are allowed to access
diff --git a/opentdf-dev.yaml b/opentdf-dev.yaml
index 77a562b3dd..5712e0ea19 100644
--- a/opentdf-dev.yaml
+++ b/opentdf-dev.yaml
@@ -127,6 +127,7 @@ server:
 allowedheaders:
 - ACCEPT
 - Authorization
+ - Connect-Protocol-Version
 - Content-Type
 - X-CSRF-Token
 - X-Request-ID
diff --git a/opentdf-ers-mode.yaml b/opentdf-ers-mode.yaml
index 838ccc4091..1b0e5f3f7e 100644
--- a/opentdf-ers-mode.yaml
+++ b/opentdf-ers-mode.yaml
@@ -75,6 +75,7 @@ server:
 allowedheaders:
 - ACCEPT
 - Authorization
+ - Connect-Protocol-Version
 - Content-Type
 - X-CSRF-Token
 - X-Request-ID
diff --git a/opentdf-example.yaml b/opentdf-example.yaml
index bde48ff33d..c8cec00888 100644
--- a/opentdf-example.yaml
+++ b/opentdf-example.yaml
@@ -88,8 +88,10 @@ server:
 allowedheaders:
 - ACCEPT
 - Authorization
+ - Connect-Protocol-Version
 - Content-Type
 - X-CSRF-Token
+ - X-Request-ID
 # List of response headers that browsers are allowed to access
 exposedheaders:
 - Link
diff --git a/opentdf-kas-mode.yaml b/opentdf-kas-mode.yaml
index b04da6d427..6965964352 100644
--- a/opentdf-kas-mode.yaml
+++ b/opentdf-kas-mode.yaml
@@ -87,6 +87,7 @@ server:
 allowedheaders:
 - ACCEPT
 - Authorization
+ - Connect-Protocol-Version
 - Content-Type
 - X-CSRF-Token
 - X-Request-ID
diff --git a/service/internal/server/server.go b/service/internal/server/server.go
index e08fb80578..8d94adaaa7 100644
--- a/service/internal/server/server.go
+++ b/service/internal/server/server.go
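Review bot: In opentdf-core-mode.yaml the allowedheaders list still ends at `X-CSRF-Token`, while this commit adds `- X-Request-ID` to opentdf-example.yaml and the dev, ers and kas lists already carry it as context. If core mode is meant to accept the same request headers, add `- X-Request-ID` there as well. The two lists that are visible in full (core-mode and example) also omit `Dpop` and `X-Requested-With`, which the CORSConfig default in server.go allows. If a configured list replaces that default rather than merging with it (not visible in this diff), browser clients sending those headers would fail preflight under these configs. A short comment above each list naming the client that needs each header, e.g. `# Connect-Protocol-Version: sent by Connect RPC browser clients`, would make later allowlist reviews easier.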
@@ -111,7 +111,7 @@ type CORSConfig struct {
 Enabled bool `mapstructure:"enabled" json:"enabled" default:"true"`
 AllowedOrigins []string `mapstructure:"allowedorigins" json:"allowedorigins"`
 AllowedMethods []string `mapstructure:"allowedmethods" json:"allowedmethods" default:"[\"GET\",\"POST\",\"PATCH\",\"DELETE\",\"OPTIONS\"]"`
- AllowedHeaders []string `mapstructure:"allowedheaders" json:"allowedheaders" default:"[\"Accept\",\"Content-Type\",\"Content-Length\",\"Accept-Encoding\",\"X-CSRF-Token\",\"Authorization\",\"X-Requested-With\",\"Dpop\"]"`
+ AllowedHeaders []string `mapstructure:"allowedheaders" json:"allowedheaders" default:"[\"Accept\",\"Content-Type\",\"Content-Length\",\"Accept-Encoding\",\"X-CSRF-Token\",\"Authorization\",\"X-Requested-With\",\"Dpop\",\"Connect-Protocol-Version\"]"`
 ExposedHeaders []string `mapstructure:"exposedheaders" json:"exposedheaders"`
 AllowCredentials bool `mapstructure:"allowcredentials" json:"allowedcredentials" default:"true"`
 MaxAge int `mapstructure:"maxage" json:"maxage" default:"3600"`
diff --git a/service/pkg/server/testdata/all-no-config.yaml b/service/pkg/server/testdata/all-no-config.yaml
index 66b813225b..2970a6fa00 100644
--- a/service/pkg/server/testdata/all-no-config.yaml
+++ b/service/pkg/server/testdata/all-no-config.yaml
@@ -83,6 +83,7 @@ server:
 allowedheaders:
 - ACCEPT
 - Authorization
+ - Connect-Protocol-Version
 - Content-Type
 - X-CSRF-Token
 - X-Request-ID
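Review bot: The new AllowedHeaders default in server.go adds only `Connect-Protocol-Version`, but Connect clients that set a deadline also send `Connect-Timeout-Ms`, which is still absent from the default and from every YAML list in this commit. If browser clients use timeouts, those preflights would still be refused, so either add the header or document that it is intentionally excluded. The allowlist lives in a JSON-escaped struct tag and is repeated by hand in six YAML files, which makes drift likely. A comment on the field such as `// AllowedHeaders lists the request headers browsers may send cross-origin; Connect-Protocol-Version is required by Connect RPC clients. Keep in sync with the opentdf-*.yaml examples.` would help. Because AllowCredentials defaults to true in the same struct, every header added here becomes usable on credentialed cross-origin requests, so deployments should keep AllowedOrigins explicit. The CORSConfig struct starts and ends outside the hunk.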