> ## Documentation Index
> Fetch the complete documentation index at: https://docs.explo.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Add Explo Domains To CSP

> Add Explo Domains to your Content Security Policy

If you have a strict Content Security Policy, please allowlist `https://*.explo.co` to your CSP to ensure our embed can work properly and make the proper requests. If you’re not sure if you have a strict CSP, then you likely don’t. If you prefer not to wildcard Explo’s subdomains, these are the necessary domains:

```
- https://app.explo.co
- https://api.explo.co
- https://embed.explo.co
- http://custom-assets.explo.co
```

Below are the data connector domains (for [FIDO](/data-sources/new-data-connector-fido)). Depending on which region you are using, you'll need to allowlist the right set. If you don't know which region you are using, then you are using the `default` one.

```
# Default Cloud Region (us-east-1)
- https://*.data.explo.co
    - https://us-east-1.data.explo.co
    - https://rover.data.explo.co

# APAC Region (ap-southeast-1)
- https://fido.prod-ap-southeast-1.explo.co
- https://rover.prod-ap-southeast-1.explo.co

# EU Region (eu-central-1)
- https://fido.prod-eu-central-1.explo.co
- https://rover.prod-eu-central-1.explo.co

# GovCloud Region
- https://us-gov-east-1.gov-data.explo.co
- (ask Explo Support for the other domain)
```

More may be added in the future, but customers will be notified ahead of time.

The URL `custom-assets.explo.co` is used for custom fonts, so please ensure to allowlist this domain if you are using custom fonts. This asset used to be served at `https://explo-custom-fonts.s3.us-west-1.amazonaws.com`, but we have since migrated it to `custom-assets.explo.co` (in January 2025). We will continue to support both for backwards compatibility. Our support team will reach out to those who might be using the old URL in their allowlist.
