diff --git a/nginx.conf b/nginx.conf
index 2570ed9db..8f3e80da6 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -39,7 +39,7 @@ http {
 index index.html index.htm;
 add_header Cache-Control "no-cache";
- add_header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com";
+ add_header Content-Security-Policy "default-src 'self'; connect-src 'api.ipa.ucdavis.edu'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; font-src 'self' https://fonts.gstatic.com";
 add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
 add_header X-Content-Type-Options "nosniff";
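Review bot: The new `connect-src 'api.ipa.ucdavis.edu'` on the added Content-Security-Policy line wraps a host name in single quotes, which CSP reserves for keywords such as `'self'` and `'none'`. Browsers discard a quoted host as an invalid source expression, which leaves connect-src with no usable sources, so XHR, fetch and WebSocket requests are refused instead of being allowed to the API host. Once connect-src is present it also replaces the `default-src 'self'` fallback for connections, so any same-origin requests the front end makes (not visible in this hunk) would need `'self'` listed explicitly. I would write the directive as `connect-src 'self' https://api.ipa.ucdavis.edu;`, pinning the scheme to https to match the HSTS header below. Then confirm in the browser console that no CSP violation is reported for the API calls.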