Prevent Unauthenticated Access to Virtual Agent Embedded Web Client
Learn how to configure the sn_va_web_client_app_embed table to block unauthenticated users from accessing embedded web clients.
The UI page sn_va_web_client_app_embed, which is an embedded web client for Virtual Agent, contains the ACL marked 'true' in the sys_public table Out of Box. It has been confirmed that there are use cases where public accessibility is needed however this is not a security best practice to set it to default publicly accessible.
Deactivate ui page sn_va_web_client_app_embed from the Public Pages [sys_public] table if embedded web client is not needed for unauthenticated users
More information
| Attribute | Description |
|---|---|
| Configuration name | sn_va_web_client_app_embed |
| Configuration type | UI Page(sys_ui_page_list.do) |
| Data type | table |
| Recommended value |
The Public Pages [sys_public] table record with sys_id of 04b1905473222300e985658b4cf6a7ef does exist or is not active. |
| Default value | Not available (this is a table value) |
| Category | Access control |
| Security risk |
|
| Dependencies and prerequisites | None |