Explo | Customer-facing analytics for any platform

Home

Customers

Data

Connecting to Data Sources
Data Sources and Schema
Data Library
Building your data model
New Data Connector (FIDO)

Dashboards

Creating Dashboards
Dashboard Features

Report Builders

Creating Report Builders
Report Builder Features

Embedding Documentation

Add Explo Domains To CSP
Allowlisting your domain
Embed secrets (JWTs)
Dashboard Embedding
Report Builder Embedding
Iframe vs Web Component
Troubleshooting Your Embed

General Features

Managing Permissions

Security

Troubleshooting

If you have a strict Content Security Policy, please allowlist https://*.explo.co to your CSP to ensure our embed can work properly and make the proper requests. If you’re not sure if you have a strict CSP, then you likely don’t. If you prefer not to wildcard Explo’s subdomains, these are the necessary domains:

https://app.explo.co
https://api.explo.co
https://embed.explo.co
https://*.data.explo.co
- https://us-east-1.data.explo.co (default cloud instance)
http://custom-assets.explo.co

If you prefer not to wildcard https://*.data.explo.co and are not using the default cloud instance of Explo’s query service (FIDO), then please ask the support team for your corresponding https://XYZ.data.explo.co endpoint to allowlist.

More may be added in the future, but customers will be notified ahead of time.

The URL custom-assets.explo.co is used for custom fonts, so please ensure to allowlist this domain if you are using custom fonts. This asset used to be served at https://explo-custom-fonts.s3.us-west-1.amazonaws.com, but we have since migrated it to custom-assets.explo.co (in January 2025). We will continue to support both for backwards compatibility. Our support team will reach out to those who might be using the old URL in their allowlist.

Read-Only Report Builders Allowlisting your domain