There are several security features that the administrators have access to in their workspaces. This article will present them and their use.
You will find the following settings under the action menu > workspace settings > security.
Administrators can decide whether the users will remain logged in and remembered even after they've closed their browser. Users are able to open the workspace on their browser without logging in again later if this option is selected. The login information is stored in their browsers' cookies, so resetting cookies will also delete the login even though this option is selected.
If the session is set to forget the session, users will be automatically logged out when they close their browser, and next time they open the workspace they are required to log in via a login link.
With the IP-restrictions administrators can determine from which IP-addresses users are able to login to that particular workspace. This can be limited to only office IPs, certain home networks, or a routing done via a VPN connection (if it has a static IP).
The admin user's IP address is always automatically added to this list, so that the admin won't lock him or herself out of the workspace.
Whitelisted script sources
Whitelisted script sources determine which outside embed and script sources are permitted inside the workspace. These allowed sources affect the embedded content in the Embed widget.
When the admin embeds something to the Embed widget they are automatically asked to whitelist the source. The list of whitelisted sources can be edited from the security settings.