Versions Compared

Old Version 19

changes.mady.by.user Klári Németh

Saved on

compared with

New Version 20

changes.mady.by.user Klári Németh

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Single sign-on (SSO) lets users access all authorized network resources with one login. Usernames and passwords are validated against your corporate user database or other client apps rather than Antavo managing separate passwords for each resource. Some of Antavo’s integrations have developed use SSO authentication with Auth0 using JSON web tokens (JWT) formatthrough the Auth0 identity management platform.

Security measures

There are a few security measures that you need to take under the Settings menu of the Antavo Backoffice.

  • Define the password complexity rules and expiry time under the Passwords section

  • Select a timezone for your loyalty program under the Localization section
    This will reflect in the settings that are time-related, for example, coupon expiration deadlines.
    Please note that the Antavo servers have UTC time synchronized clocksPlease note that the configuration of imports, exports, and workflows (including both campaigns and ‘On a date’-triggered general workflows) reflects the actual execution and is based on the UTC timezone and displayed in the Backoffice accordingly.

  • Determine the session length of the brand under the Security tab

...

Antavo creates a backup of all customer data. This customer service ensures a 90-day retention period and 1-hour snapshots. Backups are located in the same stack as production instances. Please reach out to the Antavo Service Desk in case you have further questions or requests.

...

Security logs can be accessed by opening to the Security logs tab of the Settings menu. This page lists all login and password reset information that occurs in the specific brand.
Read more about the details that can be accessed here.

...

The Log page of the Webhook, Webhook (beta), and Incoming Webhook modules shows the list of events to keep track of webhook triggered messages.

  • The Webhook and Webhook (beta) log page lists the time, action, customer, response status with code, as well as a detailed breakdown for every webhook, which includes the header and messages.
    Third-party tools PostBin can be used to display outbound webhook messages.
    The webhook log also has the possibility of resending a webhook event, in case there was an error.

  • The Incoming Webhook log page lists the date and time of the registration of the webhook message, the detailed request with the endpoint it was sent to, the processing time, and the response status with code.

Info

Find information about the retention time of logs here.

Access management

User role permissions

...