General
JWT for Authenticating Users in the ASAP Add-Ons
Introduction Based on whether they choose to login to the ASAP add-on or not, end-users can be classified as guest users and authenticated users. Those who choose to not login are called guest users and those who choose to login are called ...
Working with the ASAP Add-Ons for Mobile Platforms
The ASAP SDKs for mobile platforms--iOS and Android--make help available within quick reach for the end-users of your mobile apps. Using these SDKs, you can create and customize add-ons that reside within your app and provide end-users with easy ...
Debugging JWT-Related Errors While Configuring the ASAP Add-On
While setting up an ASAP add-on for your web/mobile app, you might encounter an error related to JSON Web Token (JWT) configuration. It is essential to debug this error because user authentication in the ASAP add-on is possible only through JWTs. ...
Embedding the ASAP Add-On on Sites with a Content Security Policy
Injection-based attacks are some of the most severe and harmful security threats that websites/web apps face. Having a Content Security Policy (CSP) is a powerful way to guard against such attacks. If your website/app has a CSP with ...
Generating nonces for the ASAP add-on
Suppose your website or mobile app has a CSP (Content Security Policy) with script-src (a directive that controls a set of script-related privileges). In that case, you will not be able to embed the ASAP add-on using the regular code snippet. You ...