diff --git a/routes/cors.go b/routes/cors.go
new file mode 100644
index 0000000..9138004
--- /dev/null
+++ b/routes/cors.go
@@ -0,0 +1,16 @@
+package routes
+
+import (
+	"github.com/labstack/echo"
+	"net/http"
+)
+
+// SetCORSHeader sets relevant CORS headers for Cross-Site-Requests to the api
+func SetCORSHeader (c echo.Context) error {
+	res := c.Response()
+	res.Header().Set("Access-Control-Allow-Origin", "*")
+	res.Header().Set("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE")
+	res.Header().Set("Access-Control-Allow-Headers", "authorization,content-type")
+	res.Header().Set("Access-Control-Expose-Headers", "authorization,content-type")
+	return c.String(http.StatusOK, "")
+}
\ No newline at end of file
diff --git a/routes/routes.go b/routes/routes.go
index a682ba8..dca7526 100644
--- a/routes/routes.go
+++ b/routes/routes.go
@@ -26,6 +26,10 @@ func NewEcho() *echo.Echo {
 // RegisterRoutes registers all routes for the application
 func RegisterRoutes(e *echo.Echo) {
 
+	// CORS
+	e.OPTIONS("/login", SetCORSHeader)
+	e.OPTIONS("/api/v1/books", SetCORSHeader)
+
 	// Basic Route
 	e.Static("/", "assets/index.html")