Sensitive Data

  • 12 July 2018
  • 2 replies
  • 34 views

Hi,


I would like to know if sensitive data ( like api key) can be set as an application parameter (entered via the custom app configuration interface) .Where is this information stored ? Is there a risk that this data is accessible via another freshdesk?

 


This topic has been closed for comments

2 replies

One more point - Installation parameters are also stored only in the same data center as the account is.


As a best practise all sensitive data should only be entered via installation parameters and not hardcoded inside the custom app. 

Hello Guillaume,


Any installation parameter entered when the app is installed is -

1. Encrypted before it is stored in our Database.

2. Only available to the same installed instance of the same App.


We have ensured that, by design, your sensitive data is only available to your own app users, and not to any other user on any other Freshdesk account.


Please do let us know if you would like more clarity here.


Thanks.