diff --git a/services/arbiter-3.0/src/index.js b/services/arbiter-3.0/src/index.js
index e0c1b43..6cba1af 100644
--- a/services/arbiter-3.0/src/index.js
+++ b/services/arbiter-3.0/src/index.js
@@ -46,14 +46,6 @@ app.use('/stripe/webhook', stripeRoutes);
 app.use(express.json());
 app.use(express.urlencoded({ extended: true }));
 
-// CORS configuration - Allow Stripe checkout requests from website
-app.use('/stripe/create-checkout-session', cors({
-  origin: ['https://firefrostgaming.com', 'https://www.firefrostgaming.com'],
-  methods: ['POST', 'OPTIONS'],
-  credentials: false,
-  optionsSuccessStatus: 200
-}));
-
 // Make Discord client accessible to routes
 app.locals.client = client;
 
diff --git a/services/arbiter-3.0/src/routes/stripe.js b/services/arbiter-3.0/src/routes/stripe.js
index 5cb3e17..5897f93 100644
--- a/services/arbiter-3.0/src/routes/stripe.js
+++ b/services/arbiter-3.0/src/routes/stripe.js
@@ -6,15 +6,24 @@
 
 const express = require('express');
 const router = express.Router();
+const cors = require('cors');
 const stripe = require('stripe')(process.env.STRIPE_SECRET_KEY);
 const db = require('../database');
 
+// CORS configuration for checkout endpoint
+const corsOptions = {
+  origin: ['https://firefrostgaming.com', 'https://www.firefrostgaming.com'],
+  methods: ['POST', 'OPTIONS'],
+  credentials: false,
+  optionsSuccessStatus: 200
+};
+
 /**
  * CREATE CHECKOUT SESSION
  * POST /stripe/create-checkout-session
- * Body: { priceId, discordId }
+ * Body: { tier_level }
  */
-router.post('/create-checkout-session', async (req, res) => {
+router.post('/create-checkout-session', cors(corsOptions), async (req, res) => {
   try {
     const { priceId, discordId } = req.body;