Security

Security is one of the important modules in the Vahana Cloud. It allows you to configure security access policies for the application that you design in vDesigner. Before publishing a mobile app, you necessarily need to define the access policies. 

While defining the access policy for an application, you can define several session related timeframes, requirements of app related logs, and others.

You can define the access policies as follows:

1. On the Vahana portal’s dashboard, click View All to display the Applications page.

2. On the Applications page, find the application or enter the application’s name in the Search filter box to find it.
3. After you find the application, double-click it to display the Dashboard page.
4. On the Dashboard page, put the mouse pointer on the left panel to expand it.
5. In the left panel, click Security () to display the Security page.

6. On the Security page, configure different access policies as follows:

Policy	Description
AP_STATUS	In this box, enter ACTIVE or INACTIVE to define the status of the application.
AP_CLIENT_SECRET	This box automatically displays the client secret key. It is used to connect the application to the Vahana Run Time Manager. The client secret key is a dash character separated alphanumeric value (7485454b-310a-4dfe-6435-097ec93cf66b). Note:- If the AP_CLIENT_SECRET box does not display the client secret key, contact the Decimal Technologies’ dev ops team.
AP_SERVER_LOG_REQUIRED	In this box, enter one of the following values: 1. Y:- This value represents ‘yes.’ If you enter Y, it means that the server will periodically send logs to you for reporting purposes. 2. N:- This value represents ‘no.’ If you enter N, it means that the server will not send logs to you.
AP_APP_SESSION_EXPIRY_TIME	In this field, enter a numeric value (for example, 4). This value specifies the number of days after which the mobile app’s session will automatically expire. If the app session expires, the user needs to restart the mobile app by tapping its icon.
AP_USER_SESSION_EXPIRY_TIME	In this field, enter a numeric value (for example, 1440). This value specifies the timeframe in minutes. After this timeframe, the current user session will be terminated automatically.
AP_MULTIPLE_SESSION_ALLOWED	In this box, enter one of the following values: 1. Y:- This value represents ‘yes.’ If you enter Y, it means that you are allowing multiple sessions with the mobile app. With the multiple sessions feature, multiple users can log in to the application simultaneously. 2. N:- This value represents ‘no.’ If you enter N, it means that you are not allowing multiple sessions with the mobile app.
AP_INACTIVE_SESSION_REQUIRED	In this box, enter one of the following values: 1. Y:- This value represents ‘yes.’ If you enter Y, it means that you want to define the user inactive session expiry time. 2. N:- This value represents ‘no.’ If you enter N, it means that you do not want to define the user inactive session expiry time.
AP_INACTIVE_SESSION_EXPIRY_TIME	In this field, enter a numeric value (for example, 1400). This value specifies the timeframe in minutes. If the user remains inactive on the application for more than this timeframe, the user session will be automatically terminated. Thus, the user will have to log in to the application again.
AP_MOBILE_APPLICATION_LOGS_REQUIRED	In this box, enter one of the following values: 1. Y:- This value represents ‘yes.’ If you enter Y, it means that the server will send the application’s data logs to you. 2. N:- This value represents ‘no.’ If you enter N, it means that the server will not send the application’s data logs to you.