Can I deploy kapa behind a login?
Yes, you can deploy behind a login.
- The Website widet is most commonly integrated in public documentation sites but it can also be integrated into web pages behind a login.
- The Support form deflector can be integrated into both public support forms and those behind a login.
- You can leverage the API to power your own interfaces irrespective of where they are integrated.
How do I fix cross-origin resources sharing (CORS) errors?
If you are seeing CORS errors you have forgot to whitelist your domain. You can do this by adding your domain to the enabled domains when configuring your integration in the kapa platform. This is required for security reasons. The kapa platform will only accept requests from domains that you have explicitly whitelisted. Otherwise, bad actors could use your kapa instance on their own domains.
This is applicable for installing both the Website widget and the Support form deflector.
How do I fix Content Security Policy (CSP) errors?
If your website has a Content Security Policy enabled, you'll need to whitelist the following domains in your CSP configuration to allow the widget to function properly:
https://kapa-widget-proxy-la7dkmplpq-uc.a.run.app- For widget functionalityhttps://www.google.com/recaptcha- For reCAPTCHA functionalityhttp://metrics.kapa.ai- For optional analytics and metrics collection
This is applicable for installing both the Website widget and the Support form deflector.