Series: Security and Data Privacy
Application security
AppFoundry Partners listed on AppFoundry must at least adhere to the following guidelines:
- Use TLS to encrypt the traffic of all applications and integrations interfacing with Genesys Cloud.
Notes: The required TLS version is TLS version 1.2 or later. TLS version 1.2 using AES 256 encryption or later with SHA-256 MAC is recommended for use. - Maintain control of the domains where your app descriptor file is hosted and the domains specified as the baseURL or other URLs in the app descriptor file.
- Provide valid TLS certificates for the domains where your app descriptor file is hosted and the domains specified as the baseURL or other URLs in the app descriptor file.
- Authenticate and authorize all requests by the application.
- Authenticate and authorize the data stored by your application and services.
- Do not display JWT Tokens and OAuth Tokens, including referrer headers and public repositories, such as Bitbucket and GitHub.
- Set the
HttpOnlyandSecureflags when sending set-cookie headers for session-related cookies.
Security and data privacy :Previous Suggested Article Next Suggested Article: Data privacy
