DataDog · thomasbertet · May 21, 2026 · May 21, 2026 · May 21, 2026
@@ -154,6 +154,23 @@ All Datadog SDKs traffic is transmitted over SSL (default 443) to the following
 | AP1  | `https://browser-intake-ap1-datadoghq.com`    |
 | AP2  | `https://browser-intake-ap2-datadoghq.com`    |
 
+### Additional endpoints for Browser Profiling
+
+When [Browser Profiling][19] is enabled, the SDK also contacts a quota API to determine whether profiling is permitted for the current session. This uses a `quota.` subdomain of the standard intake origin:
+
+| Site | Quota API URL                                             |
+|------|-----------------------------------------------------------|
+| US1  | `https://quota.browser-intake-datadoghq.com`             |
+| US3  | `https://quota.browser-intake-us3-datadoghq.com`         |
+| US5  | `https://quota.browser-intake-us5-datadoghq.com`         |
+| EU1  | `https://quota.browser-intake-datadoghq.eu`              |
+| US1-FED  | `https://quota.browser-intake-ddog-gov.com`          |
+| US2-FED  | `https://quota.browser-intake-us2-ddog-gov.com`      |
+| AP1  | `https://quota.browser-intake-ap1-datadoghq.com`         |
+| AP2  | `https://quota.browser-intake-ap2-datadoghq.com`         |
+
+If you use a [proxy][20] or have a [Content Security Policy (CSP)][21], ensure these `quota.` domains are also allowed. See the [Browser Profiling setup][19] page for details.
+
 ## Explore Datadog RUM
 
 Access RUM by navigating to [**Digital Experience > Performance Summary**][1].
@@ -270,3 +287,6 @@ You must have edit access to restore general access to a restricted application.
 [16]: /real_user_monitoring/application_monitoring/
 [17]: https://app.datadoghq.com/rum/optimization/inspect
 [18]: /account_management/rbac/
+[19]: /real_user_monitoring/correlate_with_other_telemetry/profiling
+[20]: /real_user_monitoring/guide/proxy-rum-data
+[21]: /integrations/content_security_policy_logs
@@ -83,7 +83,11 @@ To start collecting data, set up [RUM Browser Monitoring][2].
         });
     ```
 
-3. Set up Cross-Origin Resource Sharing (CORS) if needed.
+3. **Quota check**: Before starting a profiled session, the SDK makes a request to a quota API to determine whether the current RUM session will receive profiling data.
+
+    If you use a [proxy][13] or [CSP][14], you must also allow the `quota.` subdomain of your site's standard intake origin (for example, `https://quota.browser-intake-datadoghq.com` for US1, serving the `/api/v2/profiling/quota` endpoint). See the full list of quota endpoints per site in the [Supported endpoints][15] section, and refer to the [proxy setup documentation][13] for details on routing subdomain-specific requests.
+
+4. Set up Cross-Origin Resource Sharing (CORS) if needed.
 
       This step is required only if your JavaScript files are served from a different origin than your HTML. For example, if your HTML is served from `cdn.com` and JavaScript files from `static.cdn.com`, you must enable CORS to make JavaScript files visible to the profiler. For more information, see the [Browser profiling and CORS](#cors) section.
 
@@ -101,7 +105,7 @@ To start collecting data, set up [RUM Browser Monitoring][2].
        });
        ```
 
-{% collapse-content title="Browser profiling and CORS" %}
+{% collapse-content title="Browser profiling and CORS" id="cors"%}
 
 #### Requirements for Cross-Origin Scripts (CORS)
 
@@ -350,3 +354,6 @@ Use the **flame graph** to identify which functions consume the most Wall time d
 [10]: /real_user_monitoring/rum_without_limits/ 
 [11]: /real_user_monitoring/application_monitoring/ios
 [12]: /real_user_monitoring/application_monitoring/ios/application_launch_monitoring?tab=swift
+[13]: /real_user_monitoring/guide/proxy-rum-data
+[14]: /integrations/content_security_policy_logs
+[15]: /real_user_monitoring/#supported-endpoints-for-sdk-domains
@@ -148,6 +148,8 @@ The RUM Browser SDK adds a `ddforward` query parameter to all requests to your p
 
 For example, with a `site` set to `datadoghq.eu` and a `proxy` set to `https://example.org/datadog-intake-proxy`, the RUM Browser SDK sends requests to a URL like this: `https://example.org/datadog-intake-proxy?ddforward=%2Fapi%2Fv2%2Frum%3Fddsource%3Dbrowser`. The proxy forwards the request to `https://browser-intake-datadoghq.eu/api/v2/rum?ddsource=browser`.
 
+When [Browser Profiling][3] is enabled, the SDK also sends requests to the quota API using a `quota.` subdomain of the standard intake origin. For these requests, the SDK adds a `ddforwardSubdomain=quota` query parameter alongside `ddforward`, so your proxy can construct the correct target URL: `https://quota.browser-intake-datadoghq.eu/api/v2/profiling/quota?...`.
+
 <!-- SDK version >=5.4.0 -->
 {% if equals($rum_browser_sdk_version, "gte_5_4_0") %}
 ### Passing a function to the `proxy` initialization parameter
@@ -158,6 +160,7 @@ This function receives an object with the following properties:
 
 - `path`: the path for the Datadog requests (example: `/api/v2/rum`)
 - `parameters`: the parameters of the Datadog requests (example: `ddsource=browser&...`)
+- `subdomain` _(optional)_: the intake subdomain to target, when the request should go to a subdomain-specific endpoint rather than the standard intake origin. For example, when [Browser Profiling][3] is enabled, the SDK passes `subdomain: 'quota'` so your proxy can route the request to `https://quota.browser-intake-datadoghq.eu/api/v2/profiling/quota?...` instead of the standard intake.
 
 <!-- NPM -->
 {% if equals($lib_src, "npm") %}
@@ -226,3 +229,4 @@ The Datadog intake origin needs to be defined in your proxy implementation to en
 
 [1]: /real_user_monitoring/application_monitoring/browser/setup/client/?tab=rum#initialization-parameters
 [2]: https://github.com/easylist/easylist/blob/997fb6533c719a015c21723b34e0cedefcc0d83d/easyprivacy/easyprivacy_general.txt#L3840
+[3]: /real_user_monitoring/correlate_with_other_telemetry/profiling