Thanks for explaining. It does seem to work when I run JavaScript code from an imported custom component. I was wondering if I could replicate this same behavior in Retool JS queries?
I don't really have any security concerns since I am running all of this on-prem.
Of course no problem.
This is one of the more unique 'quirks' of Retool and we have many users asking about how they can change the request origin 
That makes sense that you can run JS code from a custom component, but I was under the impression that those requests would still have an origin of null.
Retool JS queries will definitely have an origin of null 
I helped another user think of a work around where they used a proxy/AWS Lambda to make a request to another server, and then have that server make the request that they wanted to make. This way the middle man/proxy is able to set their origin and then forward traffic back to the Retool app.
It is definitely a tedious process but it would be able to get around the null origin issue!