diff --git a/hosting/docker-compose.yaml b/hosting/docker-compose.yaml
index 84d99a8310..560b273668 100644
--- a/hosting/docker-compose.yaml
+++ b/hosting/docker-compose.yaml
@@ -51,8 +51,6 @@ services:
       INTERNAL_API_KEY: ${INTERNAL_API_KEY}
       REDIS_URL: redis-service:6379
       REDIS_PASSWORD: ${REDIS_PASSWORD}
-      CORS_ORIGIN: ${CORS_ORIGIN}
-      CORS_CREDENTIALS: ${CORS_CREDENTIALS}
     volumes:
       - ./logs:/logs
     depends_on:
diff --git a/packages/worker/package.json b/packages/worker/package.json
index 7b7675d9b7..446b3dcf5f 100644
--- a/packages/worker/package.json
+++ b/packages/worker/package.json
@@ -34,7 +34,6 @@
     "joi": "^17.4.0",
     "koa": "^2.7.0",
     "koa-body": "^4.2.0",
-    "@koa/cors": "^3.1.0",
     "koa-compress": "^4.0.1",
     "koa-passport": "^4.1.4",
     "koa-pino-logger": "^3.0.0",
diff --git a/packages/worker/scripts/dev/manage.js b/packages/worker/scripts/dev/manage.js
index a0c8c7fd10..3879bbeaae 100644
--- a/packages/worker/scripts/dev/manage.js
+++ b/packages/worker/scripts/dev/manage.js
@@ -21,9 +21,6 @@ async function init() {
       COUCH_DB_PASSWORD: "budibase",
       // empty string is false
       MULTI_TENANCY: "",
-      // account portal cors configuration
-      CORS_ORIGIN: "http://localhost:3001",
-      CORS_CREDENTIALS: true,
     }
     let envFile = ""
     Object.keys(envFileJson).forEach(key => {
diff --git a/packages/worker/src/environment.js b/packages/worker/src/environment.js
index a88cc9041b..07549331ea 100644
--- a/packages/worker/src/environment.js
+++ b/packages/worker/src/environment.js
@@ -33,8 +33,6 @@ module.exports = {
   INTERNAL_API_KEY: process.env.INTERNAL_API_KEY,
   MULTI_TENANCY: process.env.MULTI_TENANCY,
   SANDBOX: process.env.SANDBOX,
-  CORS_ORIGIN: process.env.CORS_ORIGIN,
-  CORS_CREDENTIALS: process.env.CORS_CREDENTIALS,
   _set(key, value) {
     process.env[key] = value
     module.exports[key] = value
diff --git a/packages/worker/src/index.js b/packages/worker/src/index.js
index dcc92a0654..8af1380552 100644
--- a/packages/worker/src/index.js
+++ b/packages/worker/src/index.js
@@ -6,7 +6,6 @@ const Koa = require("koa")
 const destroyable = require("server-destroy")
 const koaBody = require("koa-body")
 const koaSession = require("koa-session")
-const cors = require("@koa/cors")
 const { passport } = require("@budibase/auth").auth
 const logger = require("koa-pino-logger")
 const http = require("http")
@@ -15,16 +14,6 @@ const redis = require("./utilities/redis")
 
 const app = new Koa()
 
-// TODO: Remove this when using envoy / nginx
-if (env.CORS_ORIGIN) {
-  const corsConfig = {
-    origin: env.CORS_ORIGIN,
-    credentials: !!env.CORS_CREDENTIALS,
-  }
-
-  app.use(cors(corsConfig))
-}
-
 app.keys = ["secret", "key"]
 
 // set up top level koa middleware