diff --git a/README.md b/README.md
index 2ef4736..0e44cb3 100644
--- a/README.md
+++ b/README.md
@@ -73,7 +73,6 @@ Or do it manually:
 ```sh
 > ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["http://localhost:3000", "https://share.ipfs.io"]'
 > ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '["PUT", "GET", "POST"]'
-> ipfs config --json API.HTTPHeaders.Access-Control-Allow-Credentials '["true"]'
 ```
 
 To reset the config to its default state run:
diff --git a/cors-config.sh b/cors-config.sh
index 350077b..ae8e73e 100755
--- a/cors-config.sh
+++ b/cors-config.sh
@@ -7,7 +7,6 @@ set -e
 
 ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin "[$ALLOW_ORIGINS]"
 ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '["PUT", "GET", "POST"]'
-ipfs config --json API.HTTPHeaders.Access-Control-Allow-Credentials '["true"]'
 
 echo "IPFS API CORS headers configured for $ALLOW_ORIGINS"
 echo "Please restart your IPFS daemon"
diff --git a/src/components/box/Box.js b/src/components/box/Box.js
index 8260976..feb0de6 100644
--- a/src/components/box/Box.js
+++ b/src/components/box/Box.js
@@ -52,7 +52,6 @@ export const RawBoxNotAvailable = ({ t }) => (
     <div className='pa3 bg-black-80 bt bw4 br2 gray-muted f7 nowrap overflow-x-scroll'>
       <code className='db'>$ ipfs config --json API.HTTPHeaders.Access-Control-Allow-Origin '["{ window.location.origin }", "https://share.ipfs.io"]'</code>
       <code className='db'>$ ipfs config --json API.HTTPHeaders.Access-Control-Allow-Methods '["PUT", "GET", "POST"]'</code>
-      <code className='db'>$ ipfs config --json API.HTTPHeaders.Access-Control-Allow-Credentials '["true"]'</code>
     </div>
     <p className='mv3 navy f6 lh-copy'>{t('box.runDaemon')}</p>
     <div className='pa3 bg-black-80 bt bw4 br2 gray-muted f7 nowrap overflow-x-scroll'>