diff --git a/auth-web/nginx.conf b/auth-web/nginx.conf
index 952983ae43..fa969367cd 100644
--- a/auth-web/nginx.conf
+++ b/auth-web/nginx.conf
@@ -44,7 +44,7 @@ http {
     add_header Pragma "no-cache";
 
     # Content Security Policy
-    add_header Content-Security-Policy "default-src 'self'; frame-src 'self' *.gov.bc.ca *.hotjar.com; script-src 'self' 'unsafe-eval' *.gov.bc.ca *.hotjar.com; style-src 'self' 'unsafe-inline' *.cloudflare.com; font-src 'self' *.gov.bc.ca *.hotjar.com *.cloudflare.com; img-src 'self' data:; connect-src 'self' *.gov.bc.ca *.launchdarkly.com *.hotjar.com *.postescanada-canadapost.ca *.sentry.io wss://ws2.hotjar.com/; manifest-src 'self';";
+    add_header Content-Security-Policy "default-src 'self'; frame-src 'self' *.gov.bc.ca *.hotjar.com; script-src 'self' 'unsafe-eval' 'unsafe-inline' *.gov.bc.ca *.hotjar.com *.googleapis.com; style-src 'self' 'unsafe-inline' *.cloudflare.com; font-src 'self' *.gov.bc.ca *.hotjar.com *.cloudflare.com; img-src 'self' data:; connect-src 'self' *.gov.bc.ca *.launchdarkly.com *.hotjar.com *.postescanada-canadapost.ca *.sentry.io wss://*.hotjar.com *.hotjar.io; manifest-src 'self';";
 
     listen 8080;
     server_name _;