Learn what to whitelist when Crisp needs to run behind strict network, firewall, or CSP rules.

Most companies do not need to whitelist Crisp manually. If your organization uses strict outbound filtering, bot protection, proxy rules, or a Content Security Policy, your IT team may need to allow Crisp domains, user agents, and sometimes server IP ranges.

What to whitelist

Start with the resource that matches your restriction, then keep the Developer Hub as the source of truth for current values.

The most common whitelisting needs are:

• CSP or domain filtering → allow the Crisp domain names required by the chatbox, storage, images, and real-time messaging
• Bot protection or server-side filtering → allow Crisp server user agents so link previews, Webhooks, MagicBrowse, and probes can work
• IP allowlists → review Crisp server IP addresses only when your infrastructure requires fixed IP rules

Crisp infrastructure can evolve over time. Avoid hardcoding IP allowlists unless your security policy requires it, and prefer domain or user-agent allowlisting when possible.

Useful Developer Hub pages

Keep these references close when configuring firewall, proxy, or CSP rules:

• Whitelisting our Systems → overview of Crisp network requirements
• Crisp Domain Names → domains to allow for CSP and strict network policies
• Server User Agents → user agents used by Crisp services
• Server IP Addresses → IP ranges shared by Crisp when IP allowlisting is unavoidable

Updated on: 03/05/2026