diff --git a/Backend/src/main/java/de/itsolutions/ticketsystem/config/SecurityConfig.java b/Backend/src/main/java/de/itsolutions/ticketsystem/config/SecurityConfig.java
index a07d7f1..080033a 100644
--- a/Backend/src/main/java/de/itsolutions/ticketsystem/config/SecurityConfig.java
+++ b/Backend/src/main/java/de/itsolutions/ticketsystem/config/SecurityConfig.java
@@ -37,6 +37,7 @@ public class SecurityConfig {
                 .authorizeHttpRequests(auth -> auth
                         .requestMatchers("/api/auth/**", "/api/rooms/**").permitAll()
                         .requestMatchers(org.springframework.http.HttpMethod.POST, "/api/auth/register").permitAll() // Explicitly permit POST register
+                        .requestMatchers(org.springframework.http.HttpMethod.OPTIONS, "/**").permitAll() // Permit all preflight requests
                         .anyRequest().authenticated()
                 )
                 .httpBasic(basic -> {});