Access to XMLHttpRequest at ‘https://sample-opa.custhelp.com/web-determinations/redirectQuery’ from origin ‘https://sample.custhelp.com’ has been blocked by CORS policy: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
In order to allow only certain websites to embed an Intelligent Advisor interview or flow, you need to set up a cross origin request from the server hosting the application. This will ensure that only authorized sites can access the interview or flow.
- Log in to the Intelligent Advisor Hub web interface with a Hub administrator user role.
- On the dashboard page in the Permissions column, click View all permissions. The Permissions page is displayed.
- Click the Actions menu and select Access settings. The Access settings page is displayed.
- Under Interview access control, click Add Host.
- In the CORS hosts field, enter the address.
app:URL schemes are supported.
- An asterisk (*) can be used as a wildcard to indicate any number of characters after the
http://and before the site name. For example,
https://*.somesite.com. Note that short wildcards such as
http://*are not allowed.
- The combined list of sites cannot exceed 8000 characters in length.
- Click Apply.