Keeping your experience secure
Domain white listing
Before a digital human will display on a custom (non-UneeQ-owned) domain, the domain must be whitelisted. Whitelisted domains can be set within the Creator portal.
- Login to Creator
- Click Deploy (from the left-hand menu)
- Click Hosted Experience
- Add domains where a digital human session is permitted to start to the list, one at a time
- You can add as many domains as you wish
- Top-level domains (i.e. "site.com") will whitelist all subdomains as well (i.e. "digital-human.site.com")
If you experience any trouble with this process, please contact your Customer Success representative or email email@example.com to let us know the domains where you will be embedding your Digital Human. We will ensure these domains are whitelisted so that your Digital Human can’t be used without your consent.
For example, if you are inserting the code snippet into a webpage with the URL https://your-domain.com/example/, then you must have the domain https://your-domain.com whitelisted.
To ensure the security of your conversation, it will not be possible to start a session with your digital human outside of https://your-domain.com
If no domain white listing is provided, it would be possible for a malicious user to deploy your digital human on their own website.
Content security policy
If you have a content security policy, you'll need to add Referrer-Policy strict-origin-when-cross-origin. This allows your website to pass the page referrer into the UneeQ frame for validation.