Security
Security is a critical module in Vahana Cloud, enabling you to define security access policies for the vFlow application you design. Before publishing a vFlow app, it is essential to establish these policies to ensure secure access, user session management, and logging protocols.
When defining the access policies for a vFlow application, you can configure various session-related timeframes and set requirements for application logs. These policies govern key aspects like session expiration, logging requirements, and user inactivity timeouts, ensuring secure and controlled usage.
You can define the access policies as follows:
- On the Application dashboard, click “Security” in the left panel.
2. This will open the Security section, where pre-filled policy values can be edited as needed.
| Policy | Description |
| AP_STATUS | Set the application operational status to ACTIVE or INACTIVE. |
| AP_CLIENT_SECRET | Edit this pre-filled field to specify the client secret to connect your application to the Vahana Run Time Manager. |
| AP_SERVER_LOG_REQUIRED | Choose Y/N to specify if server audit logs are required for reporting. |
| AP_APP_SESSION_EXPIRY_TIME | Define the number of days after which the vFlow app session will expire. After expiration, users must restart the app. |
| AP_USER_SESSION_EXPIRY_TIME | Set the time in minutes after which the user’s login session expires. |
| AP_MULTIPLE_SESSION_ALLOWED | Set Y/N to allow or prevent multiple concurrent sessions on different devices. |
| AP_INACTIVE_SESSION_REQUIRED | Specify Y/N to determine if inactive session expiration should be enforced. |
| AP_INACTIVE_SESSION_EXPIRY_TIME | In this field, enter the inactive session expiry time. The user inactive session time specifies the timeframe, in which the user does not perform any function on the vFlow app. After the user is inactive longer than the configured value of the user’s inactive session expiry time, the user session will automatically expire on the vFlow app. Therefore, the user will have to log in to the vFlow app again to access it. |
| AP_MOBILE_APPLICATION_LOGS_REQUIRED | Choose Y/N to decide if communication logs for the mobile app are needed. |
These security policies help maintain the integrity and safe operation of your vFlow application.