diff --git a/portal-ui/src/api/index.ts b/portal-ui/src/api/index.ts
index 992f56f8ec..9232095f68 100644
--- a/portal-ui/src/api/index.ts
+++ b/portal-ui/src/api/index.ts
@@ -1,6 +1,7 @@
 import { Api, HttpResponse, Error, FullRequestParams } from "./consoleApi";
 
 export let api = new Api();
+api.baseUrl = `${new URL(document.baseURI).pathname}api/v1`;
 const internalRequestFunc = api.request;
 api.request = async <T = any, E = any>({
   body,
diff --git a/restapi/ws_handle.go b/restapi/ws_handle.go
index da2985b47b..5ce0348f87 100644
--- a/restapi/ws_handle.go
+++ b/restapi/ws_handle.go
@@ -148,8 +148,11 @@ func serveWS(w http.ResponseWriter, req *http.Request) {
 		errorsApi.ServeError(w, req, errorsApi.New(http.StatusUnauthorized, err.Error()))
 		return
 	}
-	// Development mode validation
-	if getConsoleDevMode() {
+
+	// If we are using a subpath we are most likely behind a reverse proxy so we most likely
+	// can't validate the proper Origin since we don't know the source domain, so we are going
+	// to allow the connection to be upgraded in this case.
+	if getSubPath() != "/" || getConsoleDevMode() {
 		upgrader.CheckOrigin = func(r *http.Request) bool {
 			return true
 		}