I've just upgraded my Web App Builder to version 2.12 and have associated it with my Portal that is running 10.6.1.
I can successfully open Web App Builder and create a project however only when I don't enter values in the Portals Security Allow Origins field.
This seems to be at odds with the following technical document https://support.esri.com/en/technical-article/000018879 that suggest that Web App Builder won't work unless your machinename.domain is added to the Allow Origins white list ?
If I add the domain name of the machine to the Allow Origins I get a continuous login redirect when I try to approve access to the portal.
I was going to add the following to the Allow Origins to restrict CORS requests - my domain e.g. https://xyz.com