Application configuration
•
Environment: cloud
Some tooltip text!
• 5 minutes to read
• 5 minutes to read
Authentication
| Setting | Description | How-tos | Read more |
|---|---|---|---|
| Is native or mobile app | Type if application. OAuth2 Native App flow if checked. | Create native app | OAuth2 Native app flow |
| Client ID | Uniquely identifies the application. | Find client ID | Terminology |
| Allowed redirect URLs | Context-specific URLs that will be called by the browser after successful sign-in or when a user clicks one of the available buttons on your application entry. | Add or update | About redirects and CORS |
| Allowed postlogout redirect URLs | Context-specific URLs that will be called by the browser after successful sign-out a user. | Add or update | Endpoint types |
| CORS URLs | Add or update | About redirects and CORS | |
| Default redirect URL | Used by legacy authentication - add all needed redirect URLs to your apps allowed list. | Add or update | Endpoint types |
| Authorize | The description shown in the concent dialog when the admin is prompted to approve the application. | Get consent, Add or update text | About consent |
Note
Redirection and CORS URLs must be listed one per line.
Secrets and certificates
| Setting | Description | How-tos | Read more |
|---|---|---|---|
| Client secret | The application token (password). Must be supplied when invoking any of the SuperOffice CRM Online web services. | Create new client secret | Terminology |
| Certificates | RSA encryption keys | Create new certificate, Sign system user token | SuperID certificates |
Endpoints
| Setting | Description | How-tos | Read more |
|---|---|---|---|
| Supported endpoints | Endpoints the application can connect to. | Update endpoints | What API to use |
Notifications
SuperOffice provide the capability to either push or pull tenants status, this is where you provide a public endpoint we may push changes to.
| Setting | Description | How-tos | Read more |
|---|---|---|---|
| Customer state change endpoint | URL SuperOffice can push notifications to you when a tenant change status (off/on) | Manage notifications | About tenant status |
| Send error emails to technical contact | If checked, the person listed as technical contact for the app will receive error emails. | Get error emails, Update contact person | About tenant status |
Integrations
| Setting | Description | How-tos | Read more |
|---|---|---|---|
| ERP sync | For integration with an ERP system. | Create sync app | ERP connector API |
| Quote connector | Create sync app | Quote connector API | |
| Mirroring | For local processing when real-time data is not the most important consideration. | Create mirror app | About mirroring |
For each of the above:
- Endpoint URL, off/on
- Send error emails to technical contact
License
Note
Licenses may only be changed by SuperOffice employees. For custom applications, we require that the customer has an active subscription to Development Tools.
| Setting | Description | How-tos | Read more |
|---|---|---|---|
| Required licenses | The licenses this application needs. | About licenses | |
| Granted licenses | The licenses included. | About licenses |
- Custom apps
- Integration server
- Database mirroring
- Expander services
Standard ERP Sync applications may be granted Integration Server so the ERP Sync panel in the customers admin is activated.
Advanced
These settings are read only for all except SuperOffice AS app managers.
| Setting | Description |
|---|---|
| Supports multi-tenant identity | Only internal |
| Allow redirection to partner application for suspended customers | Only internal |
| Access to (claims) | Returned in the JWT as claims - for server-to-server apps we tick SystemToken |
| Access to (agents) | These agents are restricted in our Online environment. A custom app may get access to CRMScript agent. |
| Custom error URL | Where users are sent if the sign-in is unsuccessful. |
| Custom claims | In addition to the SuperOffice claims. |
| Exclude from invoice | Only internal |
Claims:
- internalnetserverurl
- system token
- person ID
- feature toggles
- minimum pocket version
Agents:
- user
- erpsync
- replication
- messaging
- maillink
- webhook
- CRMScript
- data
- AI
- dash
Verification
| Setting | Description | How-tos | Read more |
|---|---|---|---|
| Authorization level | All apps will get Administrator by default in SOD. Custom applications will be changed to Explicit when published to production. | Request to publish | |
| Security audit | Workflow status. | About Watchcom initial security evaluation | |
| Certified | Workflow status. | Steps to certification | About certification ,Certification checklist |