Configure Organization Security

   Journey Manager (JM) The transaction engine for the platform.  |    System Manager / DevOps  |  24.04This feature was updated in 24.04

Manager allows you to configuring an organization security to allow or refuse form rendering on certain browsers or form requests with certain headers. Manager has a black list of older IE browsers that are not supported. Otherwise, it does a white list, so new browsers (meaning new mobile devices) may come into the market and they are not blocked automatically.

Note

The system settings are defined in the default Form Submission Access Controller service.

Note

You can configure organization's security settings using the Configuration Service.  |  24.04 This feature was introduced in 24.04

To configure organization security:

  1. Select Forms > Organizations.
  2. Locate an organization and click Edit.
  3. Select the Security tab to override browser's support policies, which will be used by all forms.
    Manager configure organization's security window.
  4. Select the Override System Defaults checkbox to override the system default supported secure browser configurations.
  5. Select the Enable Internet Explorer 10 checkbox to enable the Microsoft IE 10 browser.
    Note

    Microsoft IE 10 browser is not supported by Microsoft and Manager for security reasons.

  6. Select the Enable Internet Explorer 9 checkbox to enable the Microsoft IE 9 browser.
    Note

    Microsoft IE 9 is not supported by Microsoft and for security reasons.

  7. Select the Enable Internet Explorer 8 checkbox to enable the Microsoft IE 8 browser.
    Note

    Microsoft IE 8 is not supported by Microsoft and Manager for security reasons.

  8. Provide the form CSP security HTTP header value used if not overridden by the organization CSP header value in the System Default CSP Header field.
  9. Select the Override System Default checkbox to override the system default Content Security Policy (CSP) configuration.
  10. Provide the form CSP security HTTP header value in the Organization CSP Header field. Any form space property CDN Server URL value will be automatically injected into script-src-self value.
  11. Click Save to update the changes.

Next, learn how to view organizations.