diff --git a/.gitignore b/.gitignore
index 005e1f7506c3522250d5697069561c933b1eaf5f..3f9862f4fe056a7433bbbc054a0eeb18d4055c09 100644
--- a/.gitignore
+++ b/.gitignore
@@ -55,3 +55,5 @@ nbactions.xml
 .vscode/
 
 /gms-ui/target/
+/gms/nbactions-release-profile.xml
+
diff --git a/gms-ui/src/api/server/index.js b/gms-ui/src/api/server/index.js
index c78982a0fab1d573a51d7dfcf6b18ed1fd853d7f..389498988f25284c54a7daa65696a3fc1258cfd0 100644
--- a/gms-ui/src/api/server/index.js
+++ b/gms-ui/src/api/server/index.js
@@ -4,12 +4,12 @@ export default {
   fetchMainModel () {
     return fetch(BASE_API_URL + 'groups?groupId=ROOT&tab=groups&paginatorPageSize=20&paginatorPage=1', {
       method: 'GET',
-      mode: 'cors',
       cache: 'no-cache',
       credentials: 'include',
       headers: {
-        'Content-Type': 'application/json'
+        'Content-Type': 'application/json',
+        'Accept': 'application/json',
       }
-    });
+    }).then(response => response.json());
   }
 };
diff --git a/gms-ui/src/components/GroupsPanel.vue b/gms-ui/src/components/GroupsPanel.vue
index 87a0b25eda093fca2b426bf03275db9ea91b2db0..d2d2558775c02cb580d2495231aab1c6b06453bf 100644
--- a/gms-ui/src/components/GroupsPanel.vue
+++ b/gms-ui/src/components/GroupsPanel.vue
@@ -6,7 +6,7 @@
       </b-col>
     </b-row>
     <div id="groups-list">
-      <b-list-group v-for="group in model.groupsPanel.groups">
+      <b-list-group v-for="group in model.groupsPanel.items">
         <b-list-group-item href="#">
           <span class="float-left">{{group.name}}</span>
           <span v-if="group.permission === 'ADMIN'" class="float-right">
@@ -23,9 +23,9 @@
     <div class="row">
       <div class="col-md-9">
         <b-pagination
-          v-model="model.groupsPanel.paginator.page"
-          :total-rows="model.groupsPanel.paginator.totalItems"
-          :per-page="model.groupsPanel.paginator.pageSize"
+          v-model="model.groupsPanel.currentPage"
+          :total-rows="model.groupsPanel.totalItems"
+          :per-page="model.groupsPanel.pageSize"
           aria-controls="groups-list"
           align="center"
           v-on:change="setPage"
@@ -57,7 +57,7 @@ export default {
   },
   data: function() {
     return {
-      selectedPageSize: this.model.groupsPanel.paginator.pageSize,
+      selectedPageSize: this.model.groupsPanel.pageSize,
       pageSizeOptions: [
         { value: 20, text: "20" },
         { value: 50, text: "50" },
diff --git a/gms-ui/src/components/MembersPanel.vue b/gms-ui/src/components/MembersPanel.vue
index f9d3939a8d227bad165b8624692e8cd536d97ed8..f11b9608449b486aac6e3353630cb77feeed09da 100644
--- a/gms-ui/src/components/MembersPanel.vue
+++ b/gms-ui/src/components/MembersPanel.vue
@@ -1,5 +1,5 @@
 <template>
-  <b-tab title="Members">
+  <b-tab title="Members" v-if="model.membersPanel !== null">
     <b-list-group v-for="member in model.membersPanel.members" id="members-list">
       <b-list-group-item href="#">
         {{member.label}}
diff --git a/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java b/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
index ea8e3175bfd73846ba8b275c654894879ed80424..42fa7388f43e7a51de285fcec97ba8925fe88f24 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/authn/SecurityConfig.java
@@ -1,17 +1,55 @@
 package it.inaf.ia2.gms.authn;
 
+import java.util.Arrays;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.autoconfigure.security.oauth2.client.EnableOAuth2Sso;
+import org.springframework.boot.web.servlet.FilterRegistrationBean;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
+import org.springframework.core.Ordered;
+import org.springframework.core.env.Environment;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.web.cors.CorsConfiguration;
+import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
+import org.springframework.web.filter.CorsFilter;
 
 @Configuration
 @EnableOAuth2Sso
 public class SecurityConfig extends WebSecurityConfigurerAdapter {
 
+    @Autowired
+    private Environment env;
+
+    @Value("${cors.allowed.origin}")
+    private String corsAllowedOrigin;
+
     @Override
     public void configure(HttpSecurity http) throws Exception {
+
         super.configure(http);
+
+        if (Arrays.asList(env.getActiveProfiles()).contains("dev")) {
+            http.authorizeRequests()
+                    .antMatchers(HttpMethod.OPTIONS, "/**").permitAll();
+        }
+
         http.csrf().disable();
     }
+
+    @Bean
+    @Profile("dev")
+    public FilterRegistrationBean corsFilter() {
+        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
+        CorsConfiguration config = new CorsConfiguration().applyPermitDefaultValues();
+        config.setAllowedOrigins(Arrays.asList(corsAllowedOrigin));
+        config.setAllowCredentials(true);
+        source.registerCorsConfiguration("/**", config);
+        FilterRegistrationBean bean = new FilterRegistrationBean(new CorsFilter(source));
+        bean.setOrder(Ordered.HIGHEST_PRECEDENCE);
+        return bean;
+    }
 }
diff --git a/gms/src/main/java/it/inaf/ia2/gms/model/GroupNode.java b/gms/src/main/java/it/inaf/ia2/gms/model/GroupNode.java
index 6ca71a1e443eb6815c707eb81837e026d6b15e57..ccdaf286a6d995ac2ad29bba701abada20d95cee 100644
--- a/gms/src/main/java/it/inaf/ia2/gms/model/GroupNode.java
+++ b/gms/src/main/java/it/inaf/ia2/gms/model/GroupNode.java
@@ -1,5 +1,6 @@
 package it.inaf.ia2.gms.model;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
 import java.util.ArrayList;
 import java.util.Collections;
 import java.util.HashSet;
@@ -17,6 +18,7 @@ public class GroupNode {
         permissions = new HashSet<>();
     }
 
+    @JsonProperty("id")
     public String getGroupId() {
         return groupId;
     }
@@ -25,6 +27,7 @@ public class GroupNode {
         this.groupId = groupId;
     }
 
+    @JsonProperty("name")
     public String getGroupName() {
         return groupName;
     }
diff --git a/gms/src/main/resources/application.properties b/gms/src/main/resources/application.properties
index 683fc405c5dd42a69843d8142b875ee784a0967b..2f8ac50a1b54e5f22f17883db1f012879f7fb990 100644
--- a/gms/src/main/resources/application.properties
+++ b/gms/src/main/resources/application.properties
@@ -17,4 +17,8 @@ spring.datasource.username=gms
 spring.datasource.password=gms
 #spring.jpa.open-in-view=false
 
-rap.ws-url=http://localhost/rap-ia2/ws
\ No newline at end of file
+rap.ws-url=http://localhost/rap-ia2/ws
+
+# For development only:
+spring.profiles.active=dev
+cors.allowed.origin=http://localhost:8080