Required Domains for Access
The following domains must be accessible to use Howwe’s platform and its integrated services effectively:
app.howwe.io: Main application.
graphql.howwe.io: API and data layer.
help.howwe.io: Support center for documentation and troubleshooting.
academy.howwe.io: Onboarding and training resources.
3. Single Sign-On (SSO) Setup via Auth0
Howwe supports SSO integration through Auth0, allowing customers to use their existing identity provider (IdP) for seamless authentication.
Steps to Configure SSO
Contact Howwe Support:
Reach out to [email protected] to initiate the SSO setup process. Provide details about your IdP and authentication requirements.
Exchange Metadata:
Howwe will share the necessary metadata file or endpoint URL from Auth0.
You must provide your IdP metadata or configuration details (e.g., SAML metadata XML).
Configure SSO in Your IdP:
Add howwe.eu.auth0.com as a trusted service provider (SP) in your IdP.
Use the following details during configuration:
Entity ID: Provided by Howwe.
ACS URL: Auth0’s Assertion Consumer Service URL.
Signing Certificate: Provided by Auth0.
Test the Integration:
Conduct testing in the Demo Environment with a test user account.
Verify successful login and role-based access controls.
Enable SSO for Production:
Once testing is complete, Howwe will enable SSO for your production environment.
Feature Toggles for SSO
SSO can be activated for specific user groups or across your entire organization, providing flexibility during phased rollouts.
Benefits of SSO Integration
Streamlined user experience with one-click login.
Enhanced security with centralized authentication.
Compliance with enterprise security policies.
4. Sending Emails and Notifications
Howwe communicates with users via email. To ensure delivery, allow emails from:
@howwe.io: Our main email domain (e.g., [email protected]).
[email protected]: Emails sent via Intercom.
Technical Email Details:
Howwe uses valid DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) records to ensure secure and authenticated email delivery.
5. Domains to Whitelist
For optimal performance, whitelist the following domains. Where possible, use wildcard rules (e.g., *.howwe.io) to simplify configuration and ensure coverage for future subdomains:
Primary Application and Support
app.howwe.io: Main application access.
graphql.howwe.io: API and data access layer.
help.howwe.io: Support center for FAQs and troubleshooting.
academy.howwe.io: Onboarding and training resources.
External Integrations
fonts.gstatic.com: Font hosting for app and academy content.
www.googleapis.com, firestore.googleapis.com: Google Cloud services supporting academy.howwe.io.
js.intercomcdn.com, widget.intercom.io: Integrated support and live chat tools from Intercom.
Authentication Services
howwe.eu.auth0.com: Authentication provider for secure login and SSO.
cdn.auth0.com, cdn.eu.auth0.com: Content delivery for authentication workflows.
6. Special Considerations for Restricted Environments
If your corporate IT environment enforces strict security controls, such as firewalls or content filtering, ensure the following:
Email Delivery: Configure mail servers to accept email from @howwe.io and [email protected].
Firewall Rules: Adjust outbound and inbound rules to permit traffic to the whitelisted domains.
Authentication Tokens: Verify that your network allows secure communication with howwe.eu.auth0.com.
For customized configurations, contact our support team at [email protected].
7. Security and Compliance
All Howwe services and integrations comply with industry-leading security standards, including:
DKIM and SPF for email authentication.
TLS Encryption for secure communication with all listed domains.
Compliance with GDPR and other applicable data protection regulations.
8. Contact Information
For questions or support during onboarding or SSO setup, reach out to:
Email: [email protected]
Phone: Provided upon request for enterprise accounts.
This updated policy ensures seamless onboarding, robust SSO configuration, and secure access to Howwe’s services. Let us know if you require further assistance.