Skip to main content

Set Up CORS for Widget

Enhance the security of your knowledge box by setting up Cross-Origin Resource Sharing (CORS) to restrict which domains can make requests to Nuclia.

What is CORS?

Cross-Origin Resource Sharing (CORS) is an HTTP-header based mechanism that allows a server to specify any origins (domain, scheme, or port) other than its own from which a browser should permit loading resources.

For example, if you configure domain-a.com as an allowed origin, requests from domain-a.com to Nuclia will be permitted, while requests from domain-b.com will be blocked.

How to Add Allowed Origins to Your Knowledge Box

To add allowed origins for your Knowledge Box, follow these steps:

  1. Go to your Knowledge Box settings in the Dashboard.
  2. Locate the field labeled Allowed Origins (CORS).
  3. Enter the domains you want to allow. You can add as many domains as needed.

By default, if the field is empty, all domains (*) are allowed.

Why Use This Setting?

Using the Allowed Origins (CORS) setting enhances security by preventing unauthorized use of your widget on other web pages. This ensures that only specified domains can interact with your Nuclia knowledge box.