diff --git a/apps/common/middleware/cross_domain_middleware.py b/apps/common/middleware/cross_domain_middleware.py
index dedfa1691..68ae82c16 100644
--- a/apps/common/middleware/cross_domain_middleware.py
+++ b/apps/common/middleware/cross_domain_middleware.py
@@ -25,7 +25,9 @@ class CrossDomainMiddleware(MiddlewareMixin):
     def process_response(self, request, response):
         auth = request.META.get('HTTP_AUTHORIZATION')
         origin = request.META.get('HTTP_ORIGIN')
-        if auth is not None and str(auth).startswith("Bearer application-") and origin is not None:
+
+        if auth is not None and any([str(auth).startswith(prefix) for prefix in
+                                     ['Bearer application-', 'Bearer agent-']]) and origin is not None:
             application_api_key = get_application_api_key(str(auth), True)
             cross_domain_list = application_api_key.get('cross_domain_list', [])
             allow_cross_domain = application_api_key.get('allow_cross_domain', False)