I haven't come across any documentation / references for such a requirement, the one that might help you is related to portals : https://www.fishbowlsolutions.com/2014/01/11g-ajax-authentication-for-webcenter-portals-rest-api-and-content/
Thanks, that page had the sample code I was looking for. But, When I try to call the "j_security_ckeck" URL I get the
Access to XMLHttpRequest at 'http://xxxxxxxxxx.xx/cs/login/j_security_check' from origin 'http://root.lh:81' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
So I cannot access this URL from outside the WCC domain. KAn I configure the origins from where connections can be allowed?