Error
Access to XMLHttpRequest at ‘https://sample-opa.custhelp.com/web-determinations/redirectQuery’ from origin ‘https://sample.custhelp.com’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
Solution
In order to allow only certain websites to embed an Intelligent Advisor interview or flow, you need to set up a cross origin request from the server hosting the application. This will ensure that only authorized sites can access the interview or flow.
- Log in to the Intelligent Advisor Hub web interface with a Hub administrator user role.
- On the dashboard page in the Permissions column, click View all permissions. The Permissions page is displayed.
- Click the Actions menu and select Access settings. The Access settings page is displayed.
- Under Interview access control, click Add Host.
- In the CORS hosts field, enter the address.
Note that:- Only
https:,http:andapp:URL schemes are supported. - An asterisk (*) can be used as a wildcard to indicate any number of characters after the
https://orhttp://and before the site name. For example,https://*.somesite.com. Note that short wildcards such ashttp://*.comorhttp://*are not allowed. - The combined list of sites cannot exceed 8000 characters in length.
- Only
- Click Apply.