1. Picsart Enterprise
  2. Embeddable Editor
  3. Whitelisting & Domains

How to Whitelist Domains for the Embeddable Editor: Root vs. Subdomains Explained

Understanding the Embeddable Editor in This Guide

In this guide, we’ll refer to the Embeddable Editor or Picsart Enterprise’s Embeddable Editor as a general term. This includes all configurations of our editor solutions, such as:

  • Photo Print Editor – Designed for online print services and photo customization.
  • Web-to-Print Editor – Enables personalized product design for eCommerce and print-on-demand platforms.
  • Static Ads Editor – A creative tool for designing static advertising assets.
  • Video Ads Editor – Used for editing and optimizing video-based ad content.
  • Enterprise Custom Configurations – Custom-built versions of the editor tailored for specific enterprise needs.

While different businesses use custom configurations of the editor, the whitelisting process remains the same across all versions. The following sections will guide you through properly configuring domain access to ensure a seamless integration and secure usage across different environments.

Understanding Domain Whitelisting

When setting up Picsart Enterprise’s Embeddable Editor, you’ll need to whitelist your domain to ensure secure and authorized access. However, you may notice that the system does not accept subdomains like https://wp.yourdomain.com/. Instead, you should whitelist only the root domain (yourdomain.com).

This might raise questions, especially if you plan to host the editor or integrate services on a subdomain. But don’t worry—whitelisting the root domain will automatically cover all associated subdomains, ensuring everything functions smoothly.

How to Correctly Whitelist Your Domain

When adding your domain in the Whitelist Domains section, follow these guidelines:

Enter only the root domain:

  • ✅ Correct: https://yourdomain.com
  • ❌ Incorrect: https://wp.yourdomain.com/
  • ❌ Incorrect: https://yourdomain.com/path

🚀 Why? Whitelisting the root domain ensures that the editor or API integrations will function seamlessly across all subdomains, eliminating the need to manually enter multiple variations. This approach is particularly beneficial for businesses and developers who operate in multi-environment setups, such as:

  • Production (app.yourdomain.com) – The live environment used by customers.
  • Staging (staging.yourdomain.com) – A near-production environment for final testing.
  • Preproduction (preprod.yourdomain.com) – Used to validate updates before moving to staging.
  • Development (dev.yourdomain.com) – Internal environment for active development and debugging.

By whitelisting only the root domain, teams can ensure consistent Editor and API access across all these environments without repeatedly updating the allowlist. This simplifies testing, deployment, and scaling strategies, making it easier to experiment with configurations, validate new features, and ensure a smooth transition from development to production.

Examples of Common Use Cases

Example 1: Using the Embeddable Editor Across Multiple Environments

Many businesses maintain separate environments for development, testing, and production. For example, you might have:

  • Production (app.yourdomain.com) – The live environment used by customers.
  • Staging (staging.yourdomain.com) – A near-production environment for testing before release.
  • Preproduction (preprod.yourdomain.com) – An internal environment to validate updates before staging.
  • Development (dev.yourdomain.com) – Used for active feature development and debugging.

Instead of whitelisting each of these subdomains separately, simply add yourdomain.com as the whitelisted root domain. This ensures that all subdomains—including staging and preproduction instances—can access the Embeddable Editor without requiring additional configuration.

This approach streamlines testing workflows, reduces setup complexity, and ensures a seamless transition between environments as updates are deployed.

Example 2: Managing Multiple Stores or Multiple Embedded Editor Integrations

If your business operates several online stores or integrates the Embeddable Editor into multiple applications, managing domain access properly is essential. Some common scenarios include:

  • A print-on-demand company running separate storefronts, such as customtshirts.com, personalizedmugs.com, and photoalbums.com.
  • A creative platform embedding the Embeddable Editor in multiple locations, such as editor.yourcompany.com for design tools and print.yourcompany.com for order customization.
  • An enterprise business using the Embeddable Editor in different internal tools or customer-facing applications.

In cases like these, you should create separate applications within your Picsart Enterprise account to isolate each integration. Each subscription is designed to cover one integration point (touchpoint), meaning that if you have multiple integrations, you’ll need a separate subscription for each. This is part of our pricing model, ensuring that each use case is properly accounted for. For full details on subscription scope and pricing, visit our pricing page.

If this applies to you, we recommend reaching out to our support team. We’ll help you determine the best setup for your specific needs and guide you through optimizing your integration strategy.

Troubleshooting Whitelisting Issues

If you encounter issues while setting up the Embeddable Editor, check for these common mistakes:

  • Invalid Domain Format – Ensure you’ve entered only the root domain (e.g., yourdomain.com), without subdomains, https://, or directory paths.
  • Whitelisting Not Applied – If changes were recently made, allow some time for them to take effect or try refreshing your settings.

Export Function Not Working? Check Your Whitelist

One of the most common issues caused by incorrect domain whitelisting is that the editor’s export feature gets blocked. The integration may seem functional—users can load the editor, create designs, and complete the customization process—but when they try to export or download the final file, it won’t work.

If you notice that export is disabled or unresponsive, it’s likely that your domain is not whitelisted properly. Double-check that your root domain is added correctly in the whitelisting settings. Fixing this should restore full functionality, including the ability to save and export designs without interruptions.

If the issue persists after updating the whitelist, feel free to reach out to our support team for assistance.

Wrapping Up

Whitelisting just the root domain simplifies the setup process and ensures all subdomains work seamlessly with Picsart Enterprise’s tools. This approach reduces the need for multiple entries and ensures a more flexible and scalable integration.

If you have any questions or run into issues, feel free to contact our support team—we’re happy to help! 🚀

Was this article helpful?