Medallia Digital

Medallia Experience Cloud Medallia Digital Medallia Agile Research Digital Experience Analytics Medallia Video Agent Connect Medallia Experience Orchestration Mindful Voci Sense360 Medallia Company Glossary

Medallia Experience Cloud Medallia Digital Medallia Agile Research Digital Experience Analytics Medallia Video Agent Connect Medallia Experience Orchestration Mindful Voci Sense360 Medallia Company Glossary

Medallia Digital

Medallia Digital Contents

Medallia Digital Web

Administration guide

Allow-list guidance

Medallia GovCloud for Digital

Medallia Digital In-App

Medallia Digital Anywhere

Allow-list guidance

For Digital Web to function correctly, the organization's Content Security Policy (CSP) needs to allow access to certain domains. This process is often referred to as allow-listing a domain. In cases where your CSP blocks inline styling an additional feature flag needs to be activated on the property.

Tip: It is only necessary to add these domains to any existing CSP directive

The domains to add to the CSP's allow list depends on the environment the Digital property is deployed on, and the features enabled for the property. To verify the details, please contact your Digital Expert.

Customers on Colo-EU properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.eu;
script-src	.kampyle.com .medallia.eu;
frame-src	.kampyle.com .medallia.eu;
font-src	.kampyle.com .medallia.eu;
img-src	.kampyle.com .medallia.eu;
style-src	.kampyle.com .medallia.eu;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://ubt-lb.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.eu;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.eu;
frame-src	https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.eu;
font-src	https://resources.digital-cloud.medallia.eu https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.eu https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud.medallia.eu;
style-src	https://resources.digital-cloud.medallia.eu https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-UK properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.eu;
script-src	.kampyle.com .medallia.eu;
frame-src	.kampyle.com .medallia.eu;
font-src	.kampyle.com .medallia.eu;
img-src	.kampyle.com .medallia.eu;
style-src	.kampyle.com .medallia.eu;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.eu https://ubt-lb.digital-cloud-uk.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-uk.medallia.eu;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.eu https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-uk.medallia.eu;
frame-src	https://nebula-cdn.kampyle.com https://resources.digital-cloud-uk.medallia.com;
font-src	https://resources.digital-cloud-uk.medallia.eu https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud-uk.medallia.eu https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-uk.medallia.eu;
style-src	https://resources.digital-cloud-uk.medallia.eu https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-US (SC4) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://ubt-lb.digital-cloud.medallia.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.com;
frame-src	https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.com;
font-src	https://resources.digital-cloud.medallia.com https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.com https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud.medallia.com;
style-src	https://resources.digital-cloud.medallia.com https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-US (West) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://ubt-lb.digital-cloud-west.medallia.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-west.medallia.com;
script-src	https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-west.medallia.com;
frame-src	https://nebula-cdn.kampyle.com https://resources.digital-cloud-west.medallia.com;
font-src	https://resources.digital-cloud-west.medallia.com https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud-west.medallia.com https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-west.medallia.com;
style-src	https://resources.digital-cloud-west.medallia.com https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Colo-Canada properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.ca;
script-src	.kampyle.com .medallia.ca;
frame-src	.kampyle.com .medallia.ca;
font-src	.kampyle.com .medallia.ca;
img-src	.kampyle.com .medallia.ca;
style-src	.kampyle.com .medallia.ca;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.ca https://ubt-lb.digital-cloud.medallia.ca https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.ca;
script-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.ca https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud.medallia.ca;
frame-src	https://nebula-cdn.kampyle.com https://resources.digital-cloud.medallia.ca;
font-src	https://resources.digital-cloud.medallia.ca https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://resources.digital-cloud.medallia.ca https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud.medallia.ca;
style-src	https://resources.digital-cloud.medallia.ca https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on Singapore properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://ubt-lb.digital-cloud.medallia.com https://analytics-fe.digital-cloud-sin1.medallia.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-sin1.medallia.com;
frame-src	https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com;
font-src	https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com;
img-src	https://md-scp.kampyle.com https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-sin1.medallia.com;
style-src	https://md-scp.kampyle.com https://digital-cloud-sin1.medallia.com https://resources.digital-cloud-sin1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on PHX1 (OCI) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://ubt-lb.digital-cloud.medallia.com https://analytics-fe.digital-cloud-phx1.medallia.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-phx1.medallia.com;
frame-src	https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com;
font-src	https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com;
img-src	https://md-scp.kampyle.com https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-phx1.medallia.com;
style-src	https://md-scp.kampyle.com https://digital-cloud-phx1.medallia.com https://resources.digital-cloud-phx1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on JED1 (OCI) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-jed1.medallia.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-jed1.medallia.com;
frame-src	https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com;
font-src	https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com;
img-src	https://md-scp.kampyle.com https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-jed1.medallia.com;
style-src	https://md-scp.kampyle.com https://digital-cloud-jed1.medallia.com https://resources.digital-cloud-jed1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on HND1 (OCI) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://ubt-lb.digital-cloud.medallia.com https://analytics-fe.digital-cloud-hnd1.medallia.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-hnd1.medallia.com;
frame-src	https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com;
font-src	https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com;
img-src	https://md-scp.kampyle.com https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-hnd1.medallia.com;
style-src	https://md-scp.kampyle.com https://digital-cloud-hnd1.medallia.com https://resources.digital-cloud-hnd1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on ICN1 (OCI) properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://ubt-lb.digital-cloud.medallia.com https://analytics-fe.digital-cloud-icn1.medallia.com;
script-src	https://md-scp.kampyle.com https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com https://sbt-prod.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-icn1.medallia.com;
frame-src	https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com;
font-src	https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com;
img-src	https://md-scp.kampyle.com https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-icn1.medallia.com;
style-src	https://md-scp.kampyle.com https://digital-cloud-icn1.medallia.com https://resources.digital-cloud-icn1.medallia.com;
base-uri	https://md-scp.kampyle.com;

Customers on AWS EU properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.eu;
script-src	.kampyle.com .medallia.eu;
frame-src	.kampyle.com .medallia.eu;
font-src	.kampyle.com .medallia.eu;
img-src	.kampyle.com .medallia.eu;
style-src	.kampyle.com .medallia.eu;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-eu-main.medallia.eu;
script-src	https://md-scp.kampyle.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-eu-main.medallia.eu;
frame-src	https://nebula-cdn.kampyle.com;
font-src	https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-eu-main.medallia.eu;
style-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on AWS US properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com;
script-src	.kampyle.com .medallia.com;
frame-src	.kampyle.com .medallia.com;
font-src	.kampyle.com .medallia.com;
img-src	.kampyle.com .medallia.com;
style-src	.kampyle.com .medallia.com;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-us-main.medallia.com;
script-src	https://md-scp.kampyle.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-us-main.medallia.com;
frame-src	https://nebula-cdn.kampyle.com;
font-src	https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-us-main.medallia.com;
style-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on AWS AU properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.com.au;
script-src	.kampyle.com .medallia.com.au;
frame-src	.kampyle.com .medallia.com.au;
font-src	.kampyle.com .medallia.com.au;
img-src	.kampyle.com .medallia.com.au;
style-src	.kampyle.com .medallia.com.au;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-syd1.medallia.com.au;
script-src	https://md-scp.kampyle.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-syd1.medallia.com.au;
frame-src	https://nebula-cdn.kampyle.com;
font-src	https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-syd1.medallia.com.au;
style-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Customers on AWS CA properties

For Digital surveys to function correctly on your website, your CSP should allow these domains:


connect-src	.kampyle.com .medallia.ca;
script-src	.kampyle.com .medallia.ca;
frame-src	.kampyle.com .medallia.ca;
font-src	.kampyle.com .medallia.ca;
img-src	.kampyle.com .medallia.ca;
style-src	.kampyle.com .medallia.ca;
base-uri	*.kampyle.com;

If the CSP is not using wildcards, allow these domains:


connect-src	https://md-scp.kampyle.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.ca;
script-src	https://md-scp.kampyle.com https://sbt-prod.kampyle.com https://nebula-cdn.kampyle.com https://udc-neb.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.ca;
frame-src	https://nebula-cdn.kampyle.com;
font-src	https://nebula-cdn.kampyle.com;
img-src	https://md-scp.kampyle.com https://udc-neb.kampyle.com https://nebula-cdn.kampyle.com https://analytics-fe.digital-cloud-can-main.medallia.ca;
style-src	https://md-scp.kampyle.com https://nebula-cdn.kampyle.com;
base-uri	https://md-scp.kampyle.com;

Last updated: October 10, 2024

Explore Medallia Documentation

Medallia Experience Cloud

Medallia Digital

Medallia Agile Research

Digital Experience Analytics

Medallia Video

Agent Connect

Medallia Experience Orchestration

Mindful

Voci

Sense360

Medallia Company

Glossary

Medallia Concierge

Medallia Developer Portal

Company

Knowledge Center

Legal

About Medallia

Developer Portal

Privacy Policy

Contact Support

Trust

Copyright © 2023 Medallia, Inc. All rights reserved.
Medallia®, the Medallia logo, and the names and marks associated with Medallia’s products are trademarks of Medallia and/or its affiliates. All other trademarks are the property of their respective owners.