Documentation
API
Q&A
Read
AnnouncementsArticlesWebsite tips
Learn
Getting StartedManagerMaestroAnalyticsExchangeWorkspaces
Resources
VideosDownloadsExchange PackagesRelease Notes
Ideas
Contact
Platform
Manager
Maestro
Exchange
Workspaces
Analytics
Springboard

Configure Organization Security

   Journey Manager (JM) The transaction engine for the platform.  |    System Manager / DevOps  |  24.04This feature was updated in 24.04

Manager allows you to configuring an organization security to allow or refuse form rendering on certain browsers or form requests with certain headers. Manager has a black list of older IE browsers that are not supported. Otherwise, it does a white list, so new browsers (meaning new mobile devices) may come into the market and they are not blocked automatically.

Note

The system settings are defined in the default Form Submission Access Controller service.

Note

You can configure organization's security settings using the Configuration Service.  |  24.04 This feature was introduced in 24.04

To configure organization security:

  1. Select Forms > Organizations.
  2. Locate an organization and click Edit.
  3. Select the Security tab to override browser's support policies, which will be used by all forms.
    Manager configure organization's security window.
  4. Select the Override System Defaults checkbox to override the system default supported secure browser configurations.
  5. Select the Enable Internet Explorer 10 checkbox to enable the Microsoft Internet Explorer 10 (IE10) browser.
  6. Select the Enable Internet Explorer 9 checkbox to enable the Microsoft Internet Explorer 9 (IE9) browser.
  7. Select the Enable Internet Explorer 8 checkbox to enable the Microsoft Internet Explorer 8 (IE8) browser.
    Warning

    Microsoft IE8, IE9 and IE10 are not supported by Microsoft for security reasons, so Manager disables them by default.

    Microsoft IE11 is not supported as well. While Microsoft Edge has IE11 mode, there is no guarantee that Maestro forms beyond 23.04 will work as expected. All versions of Internet Explorer require the Maestro form to have the code minified.

  8. Provide the form CSP security HTTP header value used if not overridden by the organization CSP header value in the System Default CSP Header field.
  9. Select the Override System Default checkbox to override the system default Content Security Policy (CSP) configuration.
  10. Provide the form CSP security HTTP header value in the Organization CSP Header field. Any form space property CDN Server URL value will be automatically injected into script-src-self value.
    Note

    Check the Form CSP Header Value of the Form Submission Access Controller Service and the CORS Headers setting of your form space to ensure the correct CSP is used.

  11. Click Save to update the changes.

Next, learn how to view organizations.