diff --git a/services/identity/src/config.rs b/services/identity/src/config.rs
--- a/services/identity/src/config.rs
+++ b/services/identity/src/config.rs
@@ -9,8 +9,8 @@
 use url::Url;
 
 use crate::constants::{
-  cors::ALLOW_ORIGIN_LIST, cors::PROD_ORIGIN_HOST_STR, BACKUP_SERVICE_URL,
-  BLOB_SERVICE_URL, DEFAULT_BACKUP_SERVICE_URL, DEFAULT_BLOB_SERVICE_URL,
+  cors::ALLOW_ORIGIN_LIST, BACKUP_SERVICE_URL, BLOB_SERVICE_URL,
+  DEFAULT_BACKUP_SERVICE_URL, DEFAULT_BLOB_SERVICE_URL,
   DEFAULT_OPENSEARCH_ENDPOINT, DEFAULT_TUNNELBROKER_ENDPOINT,
   KEYSERVER_PUBLIC_KEY, LOCALSTACK_ENDPOINT, OPAQUE_SERVER_SETUP,
   OPENSEARCH_ENDPOINT, REDACT_SENSITIVE_DATA, SECRETS_DIRECTORY,
@@ -180,7 +180,6 @@
 pub enum InvalidOriginError {
   InvalidScheme,
   MissingHost,
-  MissingPort,
   ParseError,
 }
 
@@ -231,15 +230,9 @@
   if !matches!(url.scheme(), "http" | "https") {
     return Err(Error::InvalidOrigin(InvalidOriginError::InvalidScheme));
   };
-  let Some(host_str) = url.host_str() else {
+  if url.host_str().is_none() {
     return Err(Error::InvalidOrigin(InvalidOriginError::MissingHost));
   };
-  if host_str == PROD_ORIGIN_HOST_STR {
-    return Ok(());
-  }
-  if url.port().is_none() {
-    return Err(Error::InvalidOrigin(InvalidOriginError::MissingPort));
-  };
   Ok(())
 }
 
@@ -276,7 +269,6 @@
 
   #[test]
   fn test_valid_origin_missing_port() {
-    // If the host is web.comm.app, we do not require a port
     let valid_origin = "https://web.comm.app";
     assert!(
       validate_origin(valid_origin).is_ok(),
@@ -284,16 +276,6 @@
     );
   }
 
-  #[test]
-  fn test_invalid_origin_missing_port() {
-    // If the host is not web.comm.app, we require a port
-    let invalid_origin = "http://localhost";
-    assert!(
-      validate_origin(invalid_origin).is_err(),
-      "Expected an invalid origin (missing port), but got a valid one"
-    );
-  }
-
   #[test]
   fn test_invalid_origin_invalid_scheme() {
     // We only allow http and https origins
diff --git a/services/identity/src/constants.rs b/services/identity/src/constants.rs
--- a/services/identity/src/constants.rs
+++ b/services/identity/src/constants.rs
@@ -337,7 +337,6 @@
     super::request_metadata::ACCESS_TOKEN,
   ];
   pub const ALLOW_ORIGIN_LIST: &str = "ALLOW_ORIGIN_LIST";
-  pub const PROD_ORIGIN_HOST_STR: &str = "web.comm.app";
 }
 
 // Tracing