Co Browse

KyleM17039864 · December 29, 2023, 6:29pm

I am looking at the implementation of Co-Browsing and am finding it unclear as to the security implications regarding the window.fireflyAPI.token = “”; implementation.

This looks as it would be publicly exposed and accessible by any user. Is there a security concern with the exposure of this token?

The article I am referencing during the review of implementation here is Pegasystems Documentation

Thanks in advance!

srijs · January 9, 2024, 5:33am

@KyleM17039864 ,
There will be no security concern as we have API key which will be passed in header and it won’t be exposed in the script, which different from co-browse token.

Conversation		Replies	Views
cobrowsing General mobile , pega-co-browse	2	40	November 20, 2023
PEGA-SESSION-COOKIE General security , 8-8-5	1	487	July 28, 2024
Pega web embed and use of third party cookies User Experience user-experience , lead-system-architect , 8-8-3	2	661	September 19, 2023
Problem with CSRF token General security , case-management , financial-services , 8-8-1	1	228	June 17, 2024
Not able to implement WebEmbed exercise General pega-platform , constellation , senior-system-architect , financial-services , 8-8-5 , pega-academy	9	389	December 4, 2024

Co Browse

Related topics