N
Novuβ€’2y ago
sgrzelak

Security support

Hi guys, Can you tell how you support the security for subscriberId? The websocket is identified by subscriberId, which is visible in web page source code. So do you somehow randomly generate subscriberId using some algorithm to prevent from guessing the subscriberId of another users? How this is done from the security point of view? Thanks for the answer
4 Replies
sgrzelak
sgrzelakOPβ€’2y ago
I mean, how to prevent that some user will not guess the subscriberId of another one and read his notifications?
Rifki Salim
Rifki Salimβ€’2y ago
Does HMAC encryption (https://docs.novu.co/notification-center/iframe-embed/#enabling-hmac-encryption) satisfy your concerns @sgrzelak ?
iFrame Embed | Novu
If you are using a (currently) unsupported client framework, you can use our embedded script. This will generate the notification center inside an iframe.
sgrzelak
sgrzelakOPβ€’2y ago
@rifkisalim.dev thats great, thanks πŸ™‚
Rifki Salim
Rifki Salimβ€’2y ago
No worries, happy to help πŸ™‚
Want results from more Discord servers?
Add your server