You don’t, it’s not supported/encouraged by the devs.
You could however have a look at this post and add /api/google_assistant to the allowed URLs. You need it to be fully open to set it up, and then you can lock it down.
I worked this out by simply checking the proxy logs to see what was being blocked and then selectively opening things up.
(I’ll see about writing this up on my blog, you’re not the first person to ask).