Series: Security and Data Privacy

Application security

AppFoundry Partners listed on AppFoundry must at least adhere to the following guidelines:

  • Use TLS to encrypt the traffic of all applications and integrations interfacing with Genesys Cloud.
    Notes: The required TLS version is TLS version 1.2 or later. TLS version 1.2 using AES 256 encryption or later with SHA-256 MAC is recommended for use.
  • Maintain control of the domains where your app descriptor file is hosted and the domains specified as the baseURL or other URLs in the app descriptor file.
  • Provide valid TLS certificates for the domains where your app descriptor file is hosted and the domains specified as the baseURL or other URLs in the app descriptor file.
  • Authenticate and authorize all requests by the application.
  • Authenticate and authorize the data stored by your application and services.
  • Do not display JWT Tokens and OAuth Tokens, including referrer headers and public repositories, such as Bitbucket and GitHub.
  • Set the HttpOnly and Secure flags when sending set-cookie headers for session-related cookies.
    Security and data privacy :Previous Suggested Article Next Suggested Article: Data privacy