Medallia Digital Feedback

Medallia Experience Cloud Medallia Digital Feedback Medallia Agile Research Digital Experience Analytics Medallia Video Agent Connect Medallia Experience Orchestration Mindful Medallia Ideas Voci Sense360 Medallia Company Glossary

Medallia Experience Cloud Medallia Digital Feedback Medallia Agile Research Digital Experience Analytics Medallia Video Agent Connect Medallia Experience Orchestration Mindful Medallia Ideas Voci Sense360 Medallia Company Glossary

Medallia Digital Feedback

Medallia Digital Feedback Contents

Medallia Digital Feedback

Medallia Digital Web

Digital Feedback Web administration

Allow-list guidance

Medallia Digital In-App

Medallia Digital Anywhere

Medallia GovCloud for Digital

Allow-list guidance

For Digital Web to function correctly, the hosting organization's Content Security Policy (CSP) needs to allow access to certain domains. This process is often referred to as allow-listing a domain. In cases where your CSP blocks inline styling an additional feature flag needs to be activated on the property.

Tip: It is only necessary to add these domains to any existing CSP directive

The domains to add to the CSP's allow list depends on the environment the Digital property is deployed on, and the features enabled for the property. To verify the details, please contact your Digital Expert.

Customers on Colo-EU properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.eu;
script-src	.kampyle.com .medallia.eu;
frame-src	.kampyle.com .medallia.eu;
font-src	.kampyle.com .medallia.eu;
img-src	.kampyle.com .medallia.eu;
style-src	.kampyle.com .medallia.eu;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://ubt.digital-cloud.medallia.eu https://analytics-fe.digital-cloud.medallia.eu;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://analytics-fe.digital-cloud.medallia.eu;
frame-src	https://resources.digital-cloud.medallia.eu;
font-src	https://resources.digital-cloud.medallia.eu;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://analytics-fe.digital-cloud.medallia.eu;
style-src	https://resources.digital-cloud.medallia.eu https://md-scp.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-UK properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.eu;
script-src	.kampyle.com .medallia.eu;
frame-src	.kampyle.com .medallia.eu;
font-src	.kampyle.com .medallia.eu;
img-src	.kampyle.com .medallia.eu;
style-src	.kampyle.com .medallia.eu;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.eu https://ubt-lb.digital-cloud-uk.medallia.eu https://analytics-fe.digital-cloud-uk.medallia.eu;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.eu https://analytics-fe.digital-cloud-uk.medallia.eu;
frame-src	https://resources.digital-cloud-uk.medallia.com;
font-src	https://resources.digital-cloud-uk.medallia.eu;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.euhttps://analytics-fe.digital-cloud-uk.medallia.eu;
style-src	https://resources.digital-cloud-uk.medallia.eu https://md-scp.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-US (SC4) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://ubt-lb.digital-cloud.medallia.com https://analytics-fe.digital-cloud.medallia.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://analytics-fe.digital-cloud.medallia.com;
frame-src	https://resources.digital-cloud.medallia.com;
font-src	https://resources.digital-cloud.medallia.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://analytics-fe.digital-cloud.medallia.com;
style-src	https://resources.digital-cloud.medallia.com https://md-scp.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-West (SEA1) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://ubt-lb.digital-cloud-west.medallia.com https://analytics-fe.digital-cloud-west.medallia.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://analytics-fe.digital-cloud-west.medallia.com;
frame-src	https://resources.digital-cloud-west.medallia.com;
font-src	https://resources.digital-cloud-west.medallia.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://analytics-fe.digital-cloud-west.medallia.com;
style-src	https://resources.digital-cloud-west.medallia.com https://md-scp.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-Canada properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.ca;
script-src	.kampyle.com .medallia.ca;
frame-src	.kampyle.com .medallia.ca;
font-src	.kampyle.com .medallia.ca;
img-src	.kampyle.com .medallia.ca;
style-src	.kampyle.com .medallia.ca;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.ca https://ubt-lb.digital-cloud.medallia.ca https://analytics-fe.digital-cloud.medallia.ca;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.ca https://analytics-fe.digital-cloud.medallia.ca;
frame-src	https://resources.digital-cloud.medallia.ca;
font-src	https://resources.digital-cloud.medallia.ca;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.ca https://analytics-fe.digital-cloud.medallia.ca;
style-src	https://resources.digital-cloud.medallia.ca https://md-scp.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on DHH US (SC4) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	*.digital-cloud-prem.medallia.com;
script-src	*.digital-cloud-prem.medallia.com;
frame-src	*.digital-cloud-prem.medallia.com;
font-src	*.digital-cloud-prem.medallia.com;
img-src	*.digital-cloud-prem.medallia.com;
style-src	*.digital-cloud-prem.medallia.com;
base-uri	*.digital-cloud-prem.medallia.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://resources.digital-cloud-prem.medallia.com https://ubt-lb.digital-cloud-prem.medallia.com https://analytics-fe.digital-cloud-prem.medallia.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud-prem.medallia.com https://analytics-fe.digital-cloud-prem.medallia.com;
frame-src	https://resources.digital-cloud-prem.medallia.com;
font-src	https://resources.digital-cloud-prem.medallia.com;
img-src	https://resources.digital-cloud-prem.medallia.com https://analytics-fe.digital-cloud-prem.medallia.com;
style-src	https://resources.digital-cloud-prem.medallia.com ;

Customers on DHH EU (FRA1) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	*.digital-cloud-prem.medallia.eu;
script-src	*.digital-cloud-prem.medallia.eu;
frame-src	*.digital-cloud-prem.medallia.eu;
font-src	*.digital-cloud-prem.medallia.eu;
img-src	*.digital-cloud-prem.medallia.eu;
style-src	*.digital-cloud-prem.medallia.eu;
base-uri	*.digital-cloud-prem.medallia.eu;

If the CSP is not using wildcards, allow these domains:


connect-src	ghttps://resources.digital-cloud-prem.medallia.eu https://ubt.digital-cloud-prem.medallia.eu https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-prem.medallia.eu;
script-src	https://resources.digital-cloud-prem.medallia.eu https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-prem.medallia.eu;
frame-src	https://resources.digital-cloud-prem.medallia.eu;
font-src	https://resources.digital-cloud-prem.medallia.eu;
img-src	https://resources.digital-cloud-prem.medallia.eu https://analytics-fe.digital-cloud-prem.medallia.eu;
style-src	https://resources.digital-cloud-prem.medallia.eu;

Customers on Singapore properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud-sin1.medallia.com https://ubt.digital-cloud-sin1.medallia.com https://analytics-fe.digital-cloud-sin1.medallia.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud-sin1.medallia.com https://analytics-fe.digital-cloud-sin1.medallia.com;
frame-src	https://resources.digital-cloud-sin1.medallia.com;
font-src	https://resources.digital-cloud-sin1.medallia.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud-sin1.medallia.com https://analytics-fe.digital-cloud-sin1.medallia.com;
style-src	https://md-scp.kampyle.com https://resources.digital-cloud-sin1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on PHX1 properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud-phx1.medallia.com https://ubt.digital-cloud-phx1.medallia.com https://analytics-fe.digital-cloud-phx1.medallia.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud-phx1.medallia.com https://analytics-fe.digital-cloud-phx1.medallia.com;
frame-src	https://resources.digital-cloud-phx1.medallia.com;
font-src	https://resources.digital-cloud-phx1.medallia.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud-phx1.medallia.com https://analytics-fe.digital-cloud-phx1.medallia.com;
style-src	https://md-scp.kampyle.com https://resources.digital-cloud-phx1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on JED1 properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud-jed1.medallia.com https://ubt.digital-cloud-jed1.medallia.com https://analytics-fe.digital-cloud-jed1.medallia.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud-jed1.medallia.com https://analytics-fe.digital-cloud-jed1.medallia.com;
frame-src	https://resources.digital-cloud-jed1.medallia.com;
font-src	https://resources.digital-cloud-jed1.medallia.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud-jed1.medallia.com https://analytics-fe.digital-cloud-jed1.medallia.com;
style-src	https://md-scp.kampyle.com https://resources.digital-cloud-jed1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on HND1 properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud-hnd1.medallia.com https://ubt.digital-cloud-hnd1.medallia.comhttps://analytics-fe.digital-cloud-hnd1.medallia.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com https://analytics-fe.digital-cloud-hnd1.medallia.com;
frame-src	https://resources.digital-cloud-hnd1.medallia.com;
font-src	https://resources.digital-cloud-hnd1.medallia.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud-hnd1.medallia.com https://analytics-fe.digital-cloud-hnd1.medallia.com;
style-src	https://md-scp.kampyle.com https://resources.digital-cloud-hnd1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on GovCloud staging properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	*.medallia.com;
script-src	*.medallia.com;
frame-src	*.medallia.com;
font-src	*.medallia.com;
img-src	*.medallia.com;
style-src	*.medallia.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://resources.digital-cloud-gov-stg.medallia.com https://ubt-lb.digital-cloud-gov-stg.medallia.com https://analytics-fe.digital-cloud-gov-stg.medallia.com;
script-src	https://resources.digital-cloud-gov-stg.medallia.com https://analytics-fe.digital-cloud-gov-stg.medallia.com;
frame-src	https://resources.digital-cloud-gov-stg.medallia.com;
font-src	https://resources.digital-cloud-gov-stg.medallia.com;
img-src	https://resources.digital-cloud-gov-stg.medallia.com https://analytics-fe.digital-cloud-gov-stg.medallia.com;
style-src	https://resources.digital-cloud-gov-stg.medallia.com;

Customers on GovCloud production properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	*.medallia.com;
script-src	*.medallia.com;
frame-src	*.medallia.com;
font-src	*.medallia.com;
img-src	*.medallia.com;
style-src	*.medallia.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://resources.digital-cloud-gov.medallia.com https://ubt.digital-cloud-gov.medallia.com https://analytics-fe.digital-cloud-gov.medallia.com;
script-src	https://resources.digital-cloud-gov.medallia.com https://analytics-fe.digital-cloud-gov.medallia.com;
frame-src	https://resources.digital-cloud-gov.medallia.com;
font-src	https://resources.digital-cloud-gov.medallia.com;
img-src	https://resources.digital-cloud-gov.medallia.com https://analytics-fe.digital-cloud-gov.medallia.com;
style-src	https://resources.digital-cloud-gov.medallia.com;

Customers on GovCloud VA properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	*.medallia.com;
script-src	*.medallia.com;
frame-src	*.medallia.com;
font-src	*.medallia.com;
img-src	*.medallia.com;
style-src	*.medallia.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://resource.digital.voice.va.gov https://ubt.digital.voice.va.gov https://analytics-fe.digital.voice.va.gov;
script-src	https://resource.digital.voice.va.gov https://analytics-fe.digital.voice.va.gov;
frame-src	https://resource.digital.voice.va.gov;
font-src	https://resource.digital.voice.va.gov;
img-src	https://resource.digital.voice.va.gov https://analytics-fe.digital.voice.va.gov;
style-src	https://resource.digital.voice.va.gov;

Customers on EU Main properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.eu;
script-src	.kampyle.com .medallia.eu;
frame-src	.kampyle.com .medallia.eu;
font-src	.kampyle.com .medallia.eu;
img-src	.kampyle.com .medallia.eu;
style-src	.kampyle.com .medallia.eu;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://ubt-eu.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-eu-main.medallia.eu;
script-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-eu-main.medallia.eu;
frame-src	https://nebula-cdn.kampyle.com;
font-src	https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-eu-main.medallia.eu;
style-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on US main properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://ubt-us.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-us-main.medallia.com;
script-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-us-main.medallia.com;
frame-src	https://nebula-cdn.kampyle.com;
font-src	https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-us-main.medallia.com;
style-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on AU (SYD1) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com.au;
script-src	.kampyle.com .medallia.com.au;
frame-src	.kampyle.com .medallia.com.au;
font-src	.kampyle.com .medallia.com.au;
img-src	.kampyle.com .medallia.com.au;
style-src	.kampyle.com .medallia.com.au;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://ubt-au.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-syd1.medallia.com.au;
script-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-syd1.medallia.com.au;
frame-src	https://nebula-cdn.kampyle.com;
font-src	https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-syd1.medallia.com.au;
style-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on CA main properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.ca;
script-src	.kampyle.com .medallia.ca;
frame-src	.kampyle.com .medallia.ca;
font-src	.kampyle.com .medallia.ca;
img-src	.kampyle.com .medallia.ca;
style-src	.kampyle.com .medallia.ca;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://ubt-can.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.ca;
script-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.ca;
frame-src	https://nebula-cdn.kampyle.com;
font-src	https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.ca;
style-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on SMF1 properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	*.medallia.com;
font-src	*.medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://ubt-can.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.com;
script-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.com;
frame-src	https://nebula-cdn.kampyle.com;
font-src	https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.com;
style-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Last updated: September 17, 2025

Explore Medallia Documentation

Medallia Experience Cloud

Medallia Digital Feedback

Medallia Agile Research

Digital Experience Analytics

Medallia Video

Agent Connect

Medallia Experience Orchestration

Mindful

Medallia Ideas

Voci

Sense360

Medallia Company

Glossary

Medallia Concierge

Medallia Developer Portal

Company

Knowledge Center

Terms of Use

About Medallia

Developer Portal

Privacy Policy

Blog

Contact Support

Security

Copyright © 2025 Medallia, Inc. All rights reserved.
Medallia®, the Medallia logo, and the names and marks associated with Medallia’s products are trademarks of Medallia and/or its affiliates. All other trademarks are the property of their respective owners.