How can my IT department allow Tenor?

If your IT department has especially strict security, there might be a little work required to get Tenor up and running. You may need to ask them to "whitelist" our application so it's not disabled by your corporate filters.

Domain whitelisting is the process of telling your organization’s security tools (like firewalls, secure browsers, or email filters) that a specific website or platform is trusted and should be allowed through.

If Tenor is not whitelisted, users may run into issues accessing the platform, such as blocked pages, login errors, or inability to access some of Tenor's features — especially in organizations that use tools like Mimecast’s Secure Browser Isolation, Zscaler, or Cisco Umbrella.


What Should Be Whitelisted?

As a starting point, you can request the following domains to be whitelisted:

  • *.tenorhq.com    
  • *.stytch.com    

These are the primary domains for Tenor's application (Stytch is our authentication vendor, powering our secure login experience).


Note: If your org uses a secure browser (e.g., Mimecast), you may also need to disable isolation or inspection for these domains to ensure full functionality.


If that doesn't work, you may also need to whitelist a longer list of services that power Tenor in the background. This list includes:

  // Tenor (core application)
  '*.tenorhq.com',

  // Stytch (authentication / login)
  '*.stytch.com',

  // Posthog (product analytics)
  '*.posthog.com',

  // Vapi / Daily (core audio conversation experience)
  '*.vapi.ai',
  '*.daily.co',
  'wss://*.wss.daily.co',
  'wss://*.daily.co',

  // Cloudfront (image storage)
  '*.cloudfront.net',

  // Vercel (real-time capabilities)
  'vercel.live',
  '*.vercel.live',
  'vercel.com',
  '*.vercel.com',
  '*.pusher.com',
  'pusher.com',
  'wss://*.pusher.com',

  // HelpScout (help desk vendor)
  'fonts.gstatic.com',
  '*.helpscout.net',
  'beaconapi.helpscout.net',

  // Sentry (error tracking)
  '*.ingest.sentry.io'

IT Checklist

Share this checklist with your IT/Engineering/Infosec teams:

  • Confirm if any security filters (e.g., Mimecast, Zscaler, proxy settings) are in place
  • Add the listed Tenor domains to your allowlist
  • Ensure SSL inspection is disabled for these domains if needed
  • Test login and scenario playback after whitelisting

Need Help?

If your team continues to experience access issues after whitelisting, reach out to Tenor Support (support@tenorhq.com) and we’ll help troubleshoot!

Still need help? Contact Us Contact Us