Hoppa till huvudinnehåll
Alla samlingarSäkerhet, Sekretess & RegelefterlevnadSäkerhet
Customer IT Onboarding Policy
Customer IT Onboarding Policy

This policy provides IT teams with the technical details required to integrate with and access Howwe’s services, including information on setting up Single Sign-On (SSO) via Auth0. If additional support is needed, contact [email protected].

Uppdaterad för mer än 3 veckor sedan

Required Domains for Access

The following domains must be accessible to use Howwe’s platform and its integrated services effectively:

  • app.howwe.io: Main application.

  • graphql.howwe.io: API and data layer.

  • help.howwe.io: Support center for documentation and troubleshooting.

  • academy.howwe.io: Onboarding and training resources.

3. Single Sign-On (SSO) Setup via Auth0

Howwe supports SSO integration through Auth0, allowing customers to use their existing identity provider (IdP) for seamless authentication.

Steps to Configure SSO

  1. Contact Howwe Support:

    • Reach out to [email protected] to initiate the SSO setup process. Provide details about your IdP and authentication requirements.

  1. Exchange Metadata:

    • Howwe will share the necessary metadata file or endpoint URL from Auth0.

    • You must provide your IdP metadata or configuration details (e.g., SAML metadata XML).

  1. Configure SSO in Your IdP:

    • Add howwe.eu.auth0.com as a trusted service provider (SP) in your IdP.

    • Use the following details during configuration:

      • Entity ID: Provided by Howwe.

      • ACS URL: Auth0’s Assertion Consumer Service URL.

      • Signing Certificate: Provided by Auth0.

  1. Test the Integration:

    • Conduct testing in the Demo Environment with a test user account.

    • Verify successful login and role-based access controls.

  1. Enable SSO for Production:

    • Once testing is complete, Howwe will enable SSO for your production environment.

Feature Toggles for SSO

  • SSO can be activated for specific user groups or across your entire organization, providing flexibility during phased rollouts.

Benefits of SSO Integration

  • Streamlined user experience with one-click login.

  • Enhanced security with centralized authentication.

  • Compliance with enterprise security policies.

4. Sending Emails and Notifications

Howwe communicates with users via email. To ensure delivery, allow emails from:

Technical Email Details:

  • Howwe uses valid DKIM (DomainKeys Identified Mail) and SPF (Sender Policy Framework) records to ensure secure and authenticated email delivery.

5. Domains to Whitelist

For optimal performance, whitelist the following domains. Where possible, use wildcard rules (e.g., *.howwe.io) to simplify configuration and ensure coverage for future subdomains:

Primary Application and Support

  • app.howwe.io: Main application access.

  • graphql.howwe.io: API and data access layer.

  • help.howwe.io: Support center for FAQs and troubleshooting.

  • academy.howwe.io: Onboarding and training resources.

External Integrations

  • fonts.gstatic.com: Font hosting for app and academy content.

  • www.googleapis.com, firestore.googleapis.com: Google Cloud services supporting academy.howwe.io.

  • js.intercomcdn.com, widget.intercom.io: Integrated support and live chat tools from Intercom.

Authentication Services

  • howwe.eu.auth0.com: Authentication provider for secure login and SSO.

  • cdn.auth0.com, cdn.eu.auth0.com: Content delivery for authentication workflows.

6. Special Considerations for Restricted Environments

If your corporate IT environment enforces strict security controls, such as firewalls or content filtering, ensure the following:

  • Email Delivery: Configure mail servers to accept email from @howwe.io and [email protected].

  • Firewall Rules: Adjust outbound and inbound rules to permit traffic to the whitelisted domains.

  • Authentication Tokens: Verify that your network allows secure communication with howwe.eu.auth0.com.

For customized configurations, contact our support team at [email protected].

7. Security and Compliance

All Howwe services and integrations comply with industry-leading security standards, including:

  • DKIM and SPF for email authentication.

  • TLS Encryption for secure communication with all listed domains.

  • Compliance with GDPR and other applicable data protection regulations.

8. Contact Information

For questions or support during onboarding or SSO setup, reach out to:

This updated policy ensures seamless onboarding, robust SSO configuration, and secure access to Howwe’s services. Let us know if you require further assistance.

Fick du svar på din fråga?