- HTTP requests to the Corti web app
- WebSocket connections to the Corti real-time backend
Upstream URLs
The proxy forwards traffic to two upstream services. The exact URLs depend on your region:| Region | Corti web app | WebSocket backend |
|---|---|---|
| EU | https://assistant.eu.corti.app | wss://api.eu.corti.app |
| EU MD | https://assistantmd.eu.corti.app | wss://api.eu.corti.app |
| US | https://assistant.us.corti.app | wss://api.us.corti.app |
Use the URLs that match the region your Corti tenant is provisioned in. Contact support if you are unsure which region applies.
HTTP Request Forwarding
All HTTP requests from the embedded app are forwarded to a single upstream — the Corti web app.Required Headers
The proxy must set the following headers on every forwarded request so the upstream can identify the original client:| Header | Value | Example |
|---|---|---|
X-Forwarded-For | The original client IP. If already present, append the client IP to the chain. | 192.168.1.100 |
X-Forwarded-Host | The Host header as seen by the proxy (the proxy’s own hostname). | proxy.example.com |
X-Forwarded-Proto | The protocol used between the client and the proxy. | https |
Response Handling
The proxy returns the upstream response to the client as-is. No modification of status codes, headers, or body is required.WebSocket Forwarding
The Corti Assistant uses WebSocket connections for real-time audio streaming and clinical sessions. The proxy must handle the HTTPUpgrade: websocket handshake and bidirectionally forward all WebSocket frames.
Routing
All WebSocket connections use the/audio-bridge/ path prefix and are forwarded to the Corti WebSocket backend:
Connection Lifecycle
- Upgrade — When the proxy receives a request with
Upgrade: websocket, it establishes a WebSocket connection to the appropriate upstream based on the path. - Message forwarding — All messages (text and binary) are forwarded bidirectionally between the client and upstream. Messages sent by the client before the upstream connection is established should be buffered and flushed once the upstream is ready.
- Close — When either side closes the connection, the proxy closes the other side.
- Idle timeout — WebSocket connections can be long-lived. Set the idle timeout high enough to avoid dropping active audio sessions (recommended: at least 4 minutes).
Client-Side Configuration
For the embedded app to route its WebSocket connections through the proxy instead of connecting directly to the backend, the host application must setwebsocketBaseUrl using the configure action.
The host application sends the configure action with the network.websocketBaseUrl property. For implementation details, see the PostMessage API or Window API documentation.
websocketBaseUrl is set, the app rewrites the origin of all WebSocket URLs to use the proxy:
NGINX Example
A complete NGINX configuration for proxying the embedded Corti Assistant. Replace the upstream URLs with the values for your region.This example listens on port 80 for simplicity. For production, add TLS termination (
listen 443 ssl) and certificate paths.Implementation Checklist
- Forward all HTTP requests to the Corti web app upstream URL
- Set
X-Forwarded-For,X-Forwarded-Host, andX-Forwarded-Protoheaders - Handle WebSocket
Upgraderequests - Route
/audio-bridge/*WebSocket connections to the Corti WebSocket backend - Buffer client WebSocket messages until the upstream connection is established
- Send the
configureaction from the host application withnetwork.websocketBaseUrlset to the proxy URL