diff --git a/gateway/models.py b/gateway/models.py
index 5221a25..f33965c 100644
--- a/gateway/models.py
+++ b/gateway/models.py
@@ -36,6 +36,13 @@ class AuthConfiguration(BaseModel):
     issuer_url: str
 
 
+class KeycloakConfig(BaseModel):
+    """Keycloak configuration."""
+    realm: str
+    url: str
+    clientId: str
+
+
 class GatewayFormData(FormData):
     """Specialized form model with methods for parsing field data as well as uploaded files."""
 
diff --git a/gateway/routers/metadata.py b/gateway/routers/metadata.py
new file mode 100644
index 0000000..11c2431
--- /dev/null
+++ b/gateway/routers/metadata.py
@@ -0,0 +1,28 @@
+"""EPs for various metata for the frontend."""
+
+from fastapi import APIRouter
+
+from gateway.conf import gateway_settings
+from gateway.models import KeycloakConfig
+
+metadata_router = APIRouter(
+    # dependencies=[Security(oauth2_scheme)],
+    tags=["Metadata"],
+    responses={404: {"description": "Not found"}},
+)
+
+
+@metadata_router.get("/metadata/keycloakConfig", response_model=KeycloakConfig)
+async def get_keycloak_config():
+    """Return keycloak metadata for the frontend."""
+    return {
+        "realm": gateway_settings.IDP_REALM,
+        "url": gateway_settings.IDP_URL,
+        "clientId": "node-ui-app",
+    }
+
+
+@metadata_router.get("/metadata/version")
+async def get_node_version():
+    """Return version of the node software/API."""
+    return "0.1.0-version"
diff --git a/gateway/server.py b/gateway/server.py
index 4490988..e4ea5b4 100644
--- a/gateway/server.py
+++ b/gateway/server.py
@@ -2,10 +2,12 @@
 import uvicorn
 from fastapi import FastAPI
 from starlette import status
+from starlette.middleware.cors import CORSMiddleware
 
 from gateway.auth import idp_settings
 from gateway.models import HealthCheck
 from gateway.routers.k8s import k8s_router
+from gateway.routers.metadata import metadata_router
 from gateway.routers.results import results_router
 
 # API metadata
@@ -27,15 +29,14 @@
     },
 )
 
-
-# app.add_middleware(
-#     CORSMiddleware,
-#     allow_origins="*",
-#     allow_credentials=True,
-#     allow_methods=["*"],
-#     allow_headers=["*"],
-#     expose_headers=["*"],
-# )
+app.add_middleware(
+    CORSMiddleware,
+    allow_origins="*",
+    allow_credentials=True,
+    allow_methods=["*"],
+    allow_headers=["*"],
+    expose_headers=["*"],
+)
 
 
 @app.get(
@@ -67,5 +68,9 @@ def get_health() -> HealthCheck:
     results_router,
 )
 
+app.include_router(
+    metadata_router,
+)
+
 if __name__ == "__main__":
     uvicorn.run("server:app", host="127.0.0.1", port=8081)