Products Products
Support & Forums Support & Forums
Compliance Testing Compliance Testing
Labs & Sandboxes Labs & Sandboxes
Program Program
Co-Marketing Co-Marketing
Avaya Experience Platform Avaya Enterprise Cloud Avaya Client SDK Avaya Aura Platform See All Products Find Developer Resources

Avaya Experience Platform

Overview Interfaces Learning Support Options Compliance Testing

Avaya Enterprise Cloud

Overview Interfaces Learning Support Options Compliance Testing

Avaya Client SDK

Overview Programming Docs Developer Downloads Licensing Support & Testing

Avaya Aura Platform

Application Enablement Services Communication Manager Presence Services Snap-in Session Manager System Manager Session Border Controller
About DevConnect Support Submit Support Tickets Support Forums Other Support Options

About DevConnect Support

Support Options Support FAQs Supported Platforms and Interfaces

Submit Support Tickets

Procured System Support
For procurement issues or questions Remote Lab Support
For issues and questions related to DevConnect remote labs Membership & Program Support
For membership and program benefits questions General Support
For general issues not covered by the other support tickets

Support Forums

Avaya Client SDK AEServices DMCC APIs AEServices JTAPI AEServices Web Services Avaya Workspaces Avaya Experience Platform Orchestration Designer All Forums

Other Support Options

Product Notices Non-DevConnect Support Resources

Compliance Testing

About Compliance Testing Compliance Tested Solutions

About Compliance Testing

Compliance Testing Overview Avaya Interfaces Eligible For Testing Compliance Testing FAQs Compliance Testing Guide(s) (PDF)

Compliance Tested Solutions

DevConnect Marketplace Search Applications Notes

Labs & Sandboxes

Remote Labs Procurement Benefits

Remote Labs

Remote Labs Overview Avaya Aura Session Manager Avaya Aura AE Services & Communication Manager Self Services (Experience Portal) Avaya Proactive Outreach Manager Avaya Contact Center Elite

Procurement Benefits

About DevConnect Procurement Access/View Procurement Catalog Procurement FAQs DevConnect Procured System Support

Program

Program Overview Program Benefits Membership Options

Program Overview

DevConnect Membership Levels DevConnect Program Guide (PDF) DevConnect Program FAQs

Program Benefits

Membership Benefits DevConnect Procurement Co-marketing

Membership Options

Manage My Portfolio/Solutions Manage My Profile

Co-Marketing

Co-Marketing Benefits Relationship Benefits

Co-Marketing Benefits

Co-Marketing Overview Logos Marketplace Co-branded Collateral Select Product Program

Relationship Benefits

Social Media 8-and-Out Podcasts Sponsorships Advertising

Avaya Client SDK

< Back to Package Overview

Secure Configuration

Many Recording Management Service use the ClientConfig.isSecure flag to indicate when the connection shall be secured. It is a boolean value to determine if security is to be used for the connection to the server.

Platform specific information

If you are not already, Avaya encourages you to become familiar with the security issues and tools specific to your platform. For JavaScript a good starting point is:

This material is by no means exhaustive. It is provided to highlight that security in general is something that encompasses all aspects of application development and distribution. There are many resources available to you to help design, implement, and distribute your application to meet your security requirements.

To assist you in integration of Avaya Client SDK into your application and your holistic security strategy, information specific to Recording Management Service Package is provided below.

HTTPS

Hyper Text Transfer Protocl Secure is the secure version of HTTP. S letter on HTTPS stands for “Secure” which basically means that communications between user’s browser and the website are encrypted. HTTPS pages usually use one of two secure protocols to encrypt communications:

  • SSL (Secure Scokets Layer),
  • TLS (Transport Layer Security).

When user requests a HTTPS connection to a webpage, the website sends its SSL certificate to user’s browser. Certificate contains public key needed to begin the secure session. All communications sent over HTTP connections are in ’plain text’ and it’s very easy to retrieve that data for hackers. With HTTPS connection, all communications are securely encrypted. If somebody managed to hijack data, they would not be able to decrypt any of the data which passes between user and the website.

CORS

Same origin policy is used by web browsers to prevent JavaScript code from making requests against a different domain than the one from which it was served. The issue of same origin policy is that it also prevents interactions between a server and clients from a trusted domain. Cross-Origin Resource Sharing (CORS) allows to consume a REST API served from a trusted domain through JavaScript code. This mechanism gives web servers cross-domain access controls, which enable secure cross-domain data transfers. Great explanation of practical CORS use is written on MDN: