Loading

MIAW button is not loaded on external websites due to unexpected CORS preflight requests

Udgivelsesdato: Jun 3, 2026
Beskrivelse

MIAW button does not load if a 3rd party library on the external website (for ex: Azure Application Insights) adds correlation headers (for ex: "Priority" header) to the XHR requests causing unexpected CORS preflight requests for MIAW embedded-service-config and businesshours requests.

The following errors are seen in browser console:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at ' https://MyDomain.my.salesforce-scrt.com/embeddedservice/v1/embedded-service-config?orgId=<orgid>&esConfigName=<ESDDevName>'. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 403.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://MyDomain.my.salesforce-scrt.com/embeddedservice/v1/embedded-service-config?orgId=<orgid>&esConfigName=<ESDDevName>. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 403.

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://MyDomain.my.salesforce-scrt.com/embeddedservice/v1/embedded-service-config?orgId=<orgid>&esConfigName=<ESDDevName>. (Reason: CORS request did not succeed). Status code: (null).

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://MyDomain.my.salesforce-scrt.com/embeddedservice/v1/businesshours?orgId=<orgid>&esConfigName=<ESDDevName>. (Reason: CORS request did not succeed). Status code: (null).

Løsning

Add https://*.my.salesforce-scrt.com domain to the list of correlationHeaderExcludedDomains. 

Reference Article: For instructions on excluding domains from correlation headers, see Troubleshoot Azure Application Insights Webpage Issues on Microsoft Learn.

Vidensartikelnummer

004259605

 
Indlæser
Salesforce Help | Article