Frontend security configuration guide
To ensure smooth payment redirection and security validation during OpenAPI integration, please configure the domain whitelist and Content Security Policy (CSP) as per the guidelines below.
3DS security verification CSP configuration
When purchasing crypto, the system will check if 3DS verification is required. If needed, you must redirect the user to the 3DS authentication page. When using the iFrame method and your website has CSP enabled, make sure to configure the following CSP rules:
connect-src https://*.osl-pay.com https://*checkout.com wss://*.checkout.com
frame-src https://*.osl-pay.com https://*checkout.com wss://*.checkout.com
script-src https://*.osl-pay.com https://*checkout.com wss://*.checkout.comRisk SDK CSP configuration
When integrating Risk SDK, ensure the following CSP rules are configured:
connect-src https://*.osl-pay.com https://*checkout.com wss://*.checkout.com https://*.forter.com
frame-src https://*.osl-pay.com https://*checkout.com wss://*.checkout.com https://*.forter.com
script-src https://*.osl-pay.com https://*checkout.com wss://*.checkout.com https://*.forter.comUpdated 3 days ago