Allow-list guidance
Customers on Colo-EU properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.eu; |
script-src | *.kampyle.com *.medallia.eu; |
frame-src | *.kampyle.com *.medallia.eu; |
font-src | *.kampyle.com *.medallia.eu; |
img-src | *.kampyle.com *.medallia.eu; |
style-src | *.kampyle.com *.medallia.eu; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://ubt.digital-cloud.medallia.eu https://analytics-fe.digital-cloud.medallia.eu; |
script-src | https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://analytics-fe.digital-cloud.medallia.eu; |
frame-src | https://resources.digital-cloud.medallia.eu; |
font-src | https://resources.digital-cloud.medallia.eu; |
img-src | https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://analytics-fe.digital-cloud.medallia.eu; |
style-src | https://resources.digital-cloud.medallia.eu https://md-scp.kampyle.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on Colo-UK properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.eu; |
script-src | *.kampyle.com *.medallia.eu; |
frame-src | *.kampyle.com *.medallia.eu; |
font-src | *.kampyle.com *.medallia.eu; |
img-src | *.kampyle.com *.medallia.eu; |
style-src | *.kampyle.com *.medallia.eu; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.eu https://ubt-lb.digital-cloud-uk.medallia.eu https://analytics-fe.digital-cloud-uk.medallia.eu; |
script-src | https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.eu https://analytics-fe.digital-cloud-uk.medallia.eu; |
frame-src | https://resources.digital-cloud-uk.medallia.com; |
font-src | https://resources.digital-cloud-uk.medallia.eu; |
img-src | https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.euhttps://analytics-fe.digital-cloud-uk.medallia.eu; |
style-src | https://resources.digital-cloud-uk.medallia.eu https://md-scp.kampyle.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on Colo-US (SC4) properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.com; |
script-src | *.kampyle.com *.medallia.com; |
frame-src | *.kampyle.com *.medallia.com; |
font-src | *.kampyle.com *.medallia.com; |
img-src | *.kampyle.com *.medallia.com; |
style-src | *.kampyle.com *.medallia.com; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://ubt-lb.digital-cloud.medallia.com https://analytics-fe.digital-cloud.medallia.com; |
script-src | https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://analytics-fe.digital-cloud.medallia.com; |
frame-src | https://resources.digital-cloud.medallia.com; |
font-src | https://resources.digital-cloud.medallia.com; |
img-src | https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://analytics-fe.digital-cloud.medallia.com; |
style-src | https://resources.digital-cloud.medallia.com https://md-scp.kampyle.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on Colo-West (SEA1) properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.com; |
script-src | *.kampyle.com *.medallia.com; |
frame-src | *.kampyle.com *.medallia.com; |
font-src | *.kampyle.com *.medallia.com; |
img-src | *.kampyle.com *.medallia.com; |
style-src | *.kampyle.com *.medallia.com; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://ubt-lb.digital-cloud-west.medallia.com https://analytics-fe.digital-cloud-west.medallia.com; |
script-src | https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://analytics-fe.digital-cloud-west.medallia.com; |
frame-src | https://resources.digital-cloud-west.medallia.com; |
font-src | https://resources.digital-cloud-west.medallia.com; |
img-src | https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://analytics-fe.digital-cloud-west.medallia.com; |
style-src | https://resources.digital-cloud-west.medallia.com https://md-scp.kampyle.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on Colo-Canada properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.ca; |
script-src | *.kampyle.com *.medallia.ca; |
frame-src | *.kampyle.com *.medallia.ca; |
font-src | *.kampyle.com *.medallia.ca; |
img-src | *.kampyle.com *.medallia.ca; |
style-src | *.kampyle.com *.medallia.ca; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://resources.digital-cloud.medallia.ca https://ubt-lb.digital-cloud.medallia.ca https://analytics-fe.digital-cloud.medallia.ca; |
script-src | https://md-scp.kampyle.com https://resources.digital-cloud.medallia.ca https://analytics-fe.digital-cloud.medallia.ca; |
frame-src | https://resources.digital-cloud.medallia.ca; |
font-src | https://resources.digital-cloud.medallia.ca; |
img-src | https://md-scp.kampyle.com https://resources.digital-cloud.medallia.ca https://analytics-fe.digital-cloud.medallia.ca; |
style-src | https://resources.digital-cloud.medallia.ca https://md-scp.kampyle.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on DHH US (SC4) properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.digital-cloud-prem.medallia.com; |
script-src | *.digital-cloud-prem.medallia.com; |
frame-src | *.digital-cloud-prem.medallia.com; |
font-src | *.digital-cloud-prem.medallia.com; |
img-src | *.digital-cloud-prem.medallia.com; |
style-src | *.digital-cloud-prem.medallia.com; |
base-uri | *.digital-cloud-prem.medallia.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://resources.digital-cloud-prem.medallia.com https://ubt-lb.digital-cloud-prem.medallia.com https://analytics-fe.digital-cloud-prem.medallia.com; |
script-src | https://md-scp.kampyle.com https://resources.digital-cloud-prem.medallia.com https://analytics-fe.digital-cloud-prem.medallia.com; |
frame-src | https://resources.digital-cloud-prem.medallia.com; |
font-src | https://resources.digital-cloud-prem.medallia.com; |
img-src | https://resources.digital-cloud-prem.medallia.com https://analytics-fe.digital-cloud-prem.medallia.com; |
style-src | https://resources.digital-cloud-prem.medallia.com ; |
Customers on DHH EU (FRA1) properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.digital-cloud-prem.medallia.eu; |
script-src | *.digital-cloud-prem.medallia.eu; |
frame-src | *.digital-cloud-prem.medallia.eu; |
font-src | *.digital-cloud-prem.medallia.eu; |
img-src | *.digital-cloud-prem.medallia.eu; |
style-src | *.digital-cloud-prem.medallia.eu; |
base-uri | *.digital-cloud-prem.medallia.eu; |
If the CSP is not using wildcards, allow these domains:
connect-src | ghttps://resources.digital-cloud-prem.medallia.eu https://ubt.digital-cloud-prem.medallia.eu https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-prem.medallia.eu; |
script-src | https://resources.digital-cloud-prem.medallia.eu https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-prem.medallia.eu; |
frame-src | https://resources.digital-cloud-prem.medallia.eu; |
font-src | https://resources.digital-cloud-prem.medallia.eu; |
img-src | https://resources.digital-cloud-prem.medallia.eu https://analytics-fe.digital-cloud-prem.medallia.eu; |
style-src | https://resources.digital-cloud-prem.medallia.eu; |
Customers on Singapore properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.com; |
script-src | *.kampyle.com *.medallia.com; |
frame-src | *.kampyle.com *.medallia.com; |
font-src | *.kampyle.com *.medallia.com; |
img-src | *.kampyle.com *.medallia.com; |
style-src | *.kampyle.com *.medallia.com; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://resources.digital-cloud-sin1.medallia.com https://ubt.digital-cloud-sin1.medallia.com https://analytics-fe.digital-cloud-sin1.medallia.com; |
script-src | https://md-scp.kampyle.com https://resources.digital-cloud-sin1.medallia.com https://analytics-fe.digital-cloud-sin1.medallia.com; |
frame-src | https://resources.digital-cloud-sin1.medallia.com; |
font-src | https://resources.digital-cloud-sin1.medallia.com; |
img-src | https://md-scp.kampyle.com https://resources.digital-cloud-sin1.medallia.com https://analytics-fe.digital-cloud-sin1.medallia.com; |
style-src | https://md-scp.kampyle.com https://resources.digital-cloud-sin1.medallia.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on PHX1 properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.com; |
script-src | *.kampyle.com *.medallia.com; |
frame-src | *.kampyle.com *.medallia.com; |
font-src | *.kampyle.com *.medallia.com; |
img-src | *.kampyle.com *.medallia.com; |
style-src | *.kampyle.com *.medallia.com; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://resources.digital-cloud-phx1.medallia.com https://ubt.digital-cloud-phx1.medallia.com https://analytics-fe.digital-cloud-phx1.medallia.com; |
script-src | https://md-scp.kampyle.com https://resources.digital-cloud-phx1.medallia.com https://analytics-fe.digital-cloud-phx1.medallia.com; |
frame-src | https://resources.digital-cloud-phx1.medallia.com; |
font-src | https://resources.digital-cloud-phx1.medallia.com; |
img-src | https://md-scp.kampyle.com https://resources.digital-cloud-phx1.medallia.com https://analytics-fe.digital-cloud-phx1.medallia.com; |
style-src | https://md-scp.kampyle.com https://resources.digital-cloud-phx1.medallia.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on JED1 properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.com; |
script-src | *.kampyle.com *.medallia.com; |
frame-src | *.kampyle.com *.medallia.com; |
font-src | *.kampyle.com *.medallia.com; |
img-src | *.kampyle.com *.medallia.com; |
style-src | *.kampyle.com *.medallia.com; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://resources.digital-cloud-jed1.medallia.com https://ubt.digital-cloud-jed1.medallia.com https://analytics-fe.digital-cloud-jed1.medallia.com; |
script-src | https://md-scp.kampyle.com https://resources.digital-cloud-jed1.medallia.com https://analytics-fe.digital-cloud-jed1.medallia.com; |
frame-src | https://resources.digital-cloud-jed1.medallia.com; |
font-src | https://resources.digital-cloud-jed1.medallia.com; |
img-src | https://md-scp.kampyle.com https://resources.digital-cloud-jed1.medallia.com https://analytics-fe.digital-cloud-jed1.medallia.com; |
style-src | https://md-scp.kampyle.com https://resources.digital-cloud-jed1.medallia.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on HND1 properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.com; |
script-src | *.kampyle.com *.medallia.com; |
frame-src | *.kampyle.com *.medallia.com; |
font-src | *.kampyle.com *.medallia.com; |
img-src | *.kampyle.com *.medallia.com; |
style-src | *.kampyle.com *.medallia.com; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://resources.digital-cloud-hnd1.medallia.com https://ubt.digital-cloud-hnd1.medallia.comhttps://analytics-fe.digital-cloud-hnd1.medallia.com; |
script-src | https://md-scp.kampyle.com https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com https://analytics-fe.digital-cloud-hnd1.medallia.com; |
frame-src | https://resources.digital-cloud-hnd1.medallia.com; |
font-src | https://resources.digital-cloud-hnd1.medallia.com; |
img-src | https://md-scp.kampyle.com https://resources.digital-cloud-hnd1.medallia.com https://analytics-fe.digital-cloud-hnd1.medallia.com; |
style-src | https://md-scp.kampyle.com https://resources.digital-cloud-hnd1.medallia.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on GovCloud staging properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.medallia.com; |
script-src | *.medallia.com; |
frame-src | *.medallia.com; |
font-src | *.medallia.com; |
img-src | *.medallia.com; |
style-src | *.medallia.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://resources.digital-cloud-gov-stg.medallia.com https://ubt-lb.digital-cloud-gov-stg.medallia.com https://analytics-fe.digital-cloud-gov-stg.medallia.com; |
script-src | https://resources.digital-cloud-gov-stg.medallia.com https://analytics-fe.digital-cloud-gov-stg.medallia.com; |
frame-src | https://resources.digital-cloud-gov-stg.medallia.com; |
font-src | https://resources.digital-cloud-gov-stg.medallia.com; |
img-src | https://resources.digital-cloud-gov-stg.medallia.com https://analytics-fe.digital-cloud-gov-stg.medallia.com; |
style-src | https://resources.digital-cloud-gov-stg.medallia.com; |
Customers on GovCloud production properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.medallia.com; |
script-src | *.medallia.com; |
frame-src | *.medallia.com; |
font-src | *.medallia.com; |
img-src | *.medallia.com; |
style-src | *.medallia.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://resources.digital-cloud-gov.medallia.com https://ubt.digital-cloud-gov.medallia.com https://analytics-fe.digital-cloud-gov.medallia.com; |
script-src | https://resources.digital-cloud-gov.medallia.com https://analytics-fe.digital-cloud-gov.medallia.com; |
frame-src | https://resources.digital-cloud-gov.medallia.com; |
font-src | https://resources.digital-cloud-gov.medallia.com; |
img-src | https://resources.digital-cloud-gov.medallia.com https://analytics-fe.digital-cloud-gov.medallia.com; |
style-src | https://resources.digital-cloud-gov.medallia.com; |
Customers on GovCloud VA properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.medallia.com; |
script-src | *.medallia.com; |
frame-src | *.medallia.com; |
font-src | *.medallia.com; |
img-src | *.medallia.com; |
style-src | *.medallia.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://resource.digital.voice.va.gov https://ubt.digital.voice.va.gov https://analytics-fe.digital.voice.va.gov; |
script-src | https://resource.digital.voice.va.gov https://analytics-fe.digital.voice.va.gov; |
frame-src | https://resource.digital.voice.va.gov; |
font-src | https://resource.digital.voice.va.gov; |
img-src | https://resource.digital.voice.va.gov https://analytics-fe.digital.voice.va.gov; |
style-src | https://resource.digital.voice.va.gov; |
Customers on EU Main properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.eu; |
script-src | *.kampyle.com *.medallia.eu; |
frame-src | *.kampyle.com *.medallia.eu; |
font-src | *.kampyle.com *.medallia.eu; |
img-src | *.kampyle.com *.medallia.eu; |
style-src | *.kampyle.com *.medallia.eu; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://ubt-eu.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-eu-main.medallia.eu; |
script-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-eu-main.medallia.eu; |
frame-src | https://nebula-cdn.kampyle.com; |
font-src | https://nebula-cdn.kampyle.com; |
img-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-eu-main.medallia.eu; |
style-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on US main properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.com; |
script-src | *.kampyle.com *.medallia.com; |
frame-src | *.kampyle.com *.medallia.com; |
font-src | *.kampyle.com *.medallia.com; |
img-src | *.kampyle.com *.medallia.com; |
style-src | *.kampyle.com *.medallia.com; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://ubt-us.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-us-main.medallia.com; |
script-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-us-main.medallia.com; |
frame-src | https://nebula-cdn.kampyle.com; |
font-src | https://nebula-cdn.kampyle.com; |
img-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-us-main.medallia.com; |
style-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on AU (SYD1) properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.com.au; |
script-src | *.kampyle.com *.medallia.com.au; |
frame-src | *.kampyle.com *.medallia.com.au; |
font-src | *.kampyle.com *.medallia.com.au; |
img-src | *.kampyle.com *.medallia.com.au; |
style-src | *.kampyle.com *.medallia.com.au; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://ubt-au.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-syd1.medallia.com.au; |
script-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-syd1.medallia.com.au; |
frame-src | https://nebula-cdn.kampyle.com; |
font-src | https://nebula-cdn.kampyle.com; |
img-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-syd1.medallia.com.au; |
style-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on CA main properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.ca; |
script-src | *.kampyle.com *.medallia.ca; |
frame-src | *.kampyle.com *.medallia.ca; |
font-src | *.kampyle.com *.medallia.ca; |
img-src | *.kampyle.com *.medallia.ca; |
style-src | *.kampyle.com *.medallia.ca; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://ubt-can.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.ca; |
script-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.ca; |
frame-src | https://nebula-cdn.kampyle.com; |
font-src | https://nebula-cdn.kampyle.com; |
img-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.ca; |
style-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com; |
base-uri | https://md-scp.kampyle.com; |
Customers on SMF1 properties
For Digital surveys to function correctly on your website, your CSP should allow these domains:
connect-src | *.kampyle.com *.medallia.com; |
script-src | *.kampyle.com *.medallia.com; |
frame-src | *.medallia.com; |
font-src | *.medallia.com; |
img-src | *.kampyle.com *.medallia.com; |
style-src | *.kampyle.com *.medallia.com; |
base-uri | *.kampyle.com; |
If the CSP is not using wildcards, allow these domains:
connect-src | https://md-scp.kampyle.com https://ubt-can.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.com; |
script-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.com; |
frame-src | https://nebula-cdn.kampyle.com; |
font-src | https://nebula-cdn.kampyle.com; |
img-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.com; |
style-src | https://md-scp.kampyle.com https://nebula-cdn.kampyle.com; |
base-uri | https://md-scp.kampyle.com; |