Medallia Digital

Medallia Experience Cloud Medallia Digital Medallia Agile Research Digital Experience Analytics Medallia Video Agent Connect Medallia Experience Orchestration Mindful Voci Sense360 Journey Analytics Medallia Company Glossary

Medallia Experience Cloud Medallia Digital Medallia Agile Research Digital Experience Analytics Medallia Video Agent Connect Medallia Experience Orchestration Mindful Voci Sense360 Journey Analytics Medallia Company Glossary

Medallia Digital

Medallia Digital Contents

Medallia Digital Web

Administration guide

Allow-list guidance

Medallia GovCloud for Digital

Medallia Digital In-App

Medallia Digital Anywhere

Allow-list guidance

For Digital Web to function correctly, the organization's Content Security Policy (CSP) needs to allow access to certain domains. This process is often referred to as allow-listing a domain. In cases where your CSP blocks inline styling an additional feature flag needs to be activated on the property.

Tip: It is only necessary to add these domains to any existing CSP directive

The list of domains to allow in the CSP depends on the environment the Digital property is deployed on, and the features enabled for the property. To verify the details, please contact your Digital Expert.

Customers on Colo-EU properties

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	.kampyle.com .medallia.eu;
script-src	.kampyle.com .medallia.eu;
frame-src	.kampyle.com .medallia.eu;
font-src	.kampyle.com .medallia.eu;
img-src	.kampyle.com .medallia.eu;
style-src	.kampyle.com .medallia.eu;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://ubt-lb.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.eu;
font-src	https://resources.digital-cloud.medallia.eu https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com;
style-src	https://resources.digital-cloud.medallia.eu https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-UK properties

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	.kampyle.com .medallia.eu;
script-src	.kampyle.com .medallia.eu;
frame-src	.kampyle.com .medallia.eu;
font-src	.kampyle.com .medallia.eu;
img-src	.kampyle.com .medallia.eu;
style-src	.kampyle.com .medallia.eu;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.eu https://ubt-lb.digital-cloud-uk.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://nebula-cdn.kampyle.com https://resources.digital-cloud-uk.meda
font-src	https://resources.digital-cloud-uk.medallia.eu https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.eu https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com;
style-src	https://resources.digital-cloud-uk.medallia.eu https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-US (SC4) properties

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://ubt-lb.digital-cloud.medallia.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.com;
font-src	https://resources.digital-cloud.medallia.com https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com;
style-src	https://resources.digital-cloud.medallia.com https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-US (West) properties

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://ubt-lb.digital-cloud-west.medallia.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://nebula-cdn.kampyle.com https://resources.digital-cloud-west.medallia.com;
font-src	https://resources.digital-cloud-west.medallia.com https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com;
style-src	https://resources.digital-cloud-west.medallia.com https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-Canada properties

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	.kampyle.com .medallia.ca;
script-src	.kampyle.com .medallia.ca;
frame-src	.kampyle.com .medallia.ca;
font-src	.kampyle.com .medallia.ca;
img-src	.kampyle.com .medallia.ca;
style-src	.kampyle.com .medallia.ca;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.ca https://ubt-lb.digital-cloud.medallia.ca https://sbt-prod.kampyle.com https://udc-neb.kampyle.com;
script-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.ca https://sbt-prod.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.ca;
font-src	https://resources.digital-cloud.medallia.ca https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.ca https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com;
style-src	https://resources.digital-cloud.medallia.ca https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Singapore properties

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://ubt-lb.digital-cloud.medallia.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com;
font-src	https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com;
img-src	https://md-scp.kampyle.com https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com https://udc-neb.kampyle.com;
style-src	https://md-scp.kampyle.com https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on PHX1 (OCI) properties

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://ubt-lb.digital-cloud.medallia.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com;
font-src	https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com;
img-src	https://md-scp.kampyle.com https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com https://udc-neb.kampyle.com;
style-src	https://md-scp.kampyle.com https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on JED1 (OCI) properties

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com;
font-src	https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com;
img-src	https://md-scp.kampyle.com https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com https://udc-neb.kampyle.com;
style-src	https://md-scp.kampyle.com https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on HND1 (OCI) properties

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://ubt-lb.digital-cloud.medallia.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com;
font-src	https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com;
img-src	https://md-scp.kampyle.com https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com https://udc-neb.kampyle.com;
style-src	https://md-scp.kampyle.com https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on ICN1 (OCI) properties

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://ubt-lb.digital-cloud.medallia.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com;
font-src	https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com;
img-src	https://md-scp.kampyle.com https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com https://udc-neb.kampyle.com;
style-src	https://md-scp.kampyle.com https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on AWS properties (EU,US, AU and Enterprise)

For Digital surveys to function correctly on your website, your CSP should allow the following domains:


connect-src	*.kampyle.com;
script-src	*.kampyle.com;
frame-src	*.kampyle.com;
font-src	*.kampyle.com;
img-src	*.kampyle.com;
style-src	*.kampyle.com;
base-uri	*.kampyle.com;

If you are not using wildcards for your CSP, refer to the following:


connect-src	https://md-scp.kampyle.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com;
script-src	https://md-scp.kampyle.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com;
frame-src	https://nebula-cdn.kampyle.com;
font-src	https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com;
style-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Last updated: November 3, 2023

Explore Medallia Documentation

Medallia Experience Cloud

Medallia Digital

Medallia Agile Research

Digital Experience Analytics

Medallia Video

Agent Connect

Medallia Experience Orchestration

Mindful

Voci

Sense360

Journey Analytics

Medallia Company

Glossary

Medallia Developer Portal

Company

Knowledge Center

Legal

About Medallia

Developer Portal

Privacy Policy

Contact Support

Trust

Copyright © 2023 Medallia, Inc. All rights reserved.
Medallia®, the Medallia logo, and the names and marks associated with Medallia’s products are trademarks of Medallia and/or its affiliates. All other trademarks are the property of their respective owners.