CSP Errors when opening ZVA window on a website

Question

If you have successfully created a campaign and see the "button" for Zoom Virtual Agent on your website, but it's not loading, then it's likely the SDK has not been "whitelisted by your website's CSP.

Some websites have a Content Security Policy (CSP) that only authorizes "whitelisted" or "allowed" endpoints to access their website. Each CSP is unique, so please get in touch with the person who manages the website you want ZVA to work on (or across) and ask them to update the CSP settings to match the recommendations in this article.

CSP SETTINGS FOR ZVA SDK: https://developers.zoom.us/docs/virtual-agent/web/get-started/

Send this link to your web developer, and they will understand which protocol you use and implement the CSP headers for ZVA accordingly.

Additionally, please note that Zoom's SDK options are committed to security and adhere to best-in-class protocols. We require a minimal version of our SDK to be implemented. If ZVA was working on your website and suddenly stopped, check your SDK version against SDK Version Policy here: https://developers.zoom.us/docs/meeting-sdk/minimum-version/.

There's also a handy article about whitelisting Zoom's IP addresses in the Zoom Community. While not usually the cause of this error, not having the updated IP addresses as "allowed" in your firewalls can cause user experience issues.

Hope this helps!

harrykane51 · Answer

Thanks for the detailed explanation. CSP issues can definitely be tricky to spot. Updating the whitelist usually fixes the problem quickly once the web team gets involved. Good reminder to keep the SDK updated too helped me avoid headaches before. This will be really useful for anyone struggling to get the Zoom Virtual Agent running smoothly.

CSP Errors when opening ZVA window on a website

1 reply

Getting Started

Getting Started

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded