Enhance Security - Direct Integration

AppNavi now offers enhanced protection for the metadata file used in direct integration. With this update, application metadata is no longer publicly accessible, even if the application is hosted on a public website.

This protection is automatically enabled when tenant encryption is active for your account.

For direct integration, the recommended approach is to generate the integration code snippet via the app menu. This ensures proper configuration and improved security.

Steps to Generate Script

1. Generate Secure Integration Script

• Navigate to the Edit Application page.
• Click on the "Generate Integration Script" icon/button.
• A popup will appear containing a
• appId (only if encryption is enabled)
• delay
• sh (security hash generated dynamically)

2. Improved Security

• The meta file is no longer directly accessible when encryption is enabled.
• Each script is uniquely signed and verified, protecting it from misuse.
• All resources (data files, images, videos) are securely served using this protection.

3. No Action Needed for Chrome Extension Users

• If you use AppNavi via the Chrome Extension, everything continues to work as before.
• The system automatically handles encryption and resource loading in the background.

4. Full Compatibility

• Older integrations without encryption or appId still work as expected.
• You can progressively adopt this secure integration without breaking current setups.