App Security

Authentication methods

GRAVITY supports different ‘Authentication methods’, and the selected method applies to every API call. It is configured through the GRAVITY admin site.

Login only – full trust

Available for on-premises installations and cloud deployments. Use cases:

  • Full-trust relationship between App and GRAVITY

  • Information stored in GRAVITY is not top secret

Access is granted automatically from the underlying application without any confirmation, because only a unique login (email, UUID) is required. A new user is added automatically if the login does not yet exist.

Login & Password – no trust

For cloud deployments, or when secured information is stored. The focus is more on security than on usability.

  • Trust relationship

  • Attacks from outside are expected

  • Information stored in GRAVITY is top secret

Access must be confirmed with Login and Password. Users must be created in advance and assigned a password.

Additional features such as ‘audit tracking’, IP whitelisting, mail domain restriction and four-eyes acceptance processes are available.

Protection of content modification

An additional level of protection can be activated to improve usability and make the system easier to access for regular users, while keeping content under control.
If “Authentication method” is set to “Login only”, all users can easily access and read the content, being authenticated manually or automatically using information from the underlying application.
If “Additional authentication for Authors” is set to “Login & Password”, Authors who are added as Site Content Owners will be prompted for their Login & Password when they enter the Content Editing Area or switch to Edit Mode.

Limit Mail Domains

GRAVITY can restrict which mail domains may be added to the user list. This is configured through the GRAVITY admin site.

If the setting is empty, users from all domains can be added. If one or more domains are configured, only users from these domains can be added to the user list.
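
The rule above, sketched as an added example (this is not GRAVITY's code). The function names, the exact case-insensitive comparison, the rejection of malformed addresses and the sample values are all assumptions of the sketch; the page does not state how GRAVITY compares domains.

```python
# Added illustration, not GRAVITY's code. Exact, case-insensitive matching
# and rejection of malformed addresses are assumptions of this sketch.
from typing import Iterable, Optional


def _normalise(domain: str) -> str:
    """Lower-case a domain and drop surrounding spaces and a trailing dot."""
    return domain.strip().rstrip(".").lower()


def mail_domain(login: str) -> Optional[str]:
    """Return the normalised domain of an e-mail login, or None if malformed."""
    local, sep, domain = login.strip().rpartition("@")
    if not sep or not local or "@" in local:
        return None
    domain = _normalise(domain)
    labels = domain.split(".")
    # Reject empty domains, empty labels ("a..b") and embedded whitespace.
    if any(not label or any(c.isspace() for c in label) for label in labels):
        return None
    return domain


def may_add_user(login: str, allowed_domains: Iterable[str]) -> bool:
    """Apply the 'Limit Mail Domains' rule to one e-mail login."""
    allowed = {_normalise(d) for d in allowed_domains if d.strip()}
    if not allowed:
        return True  # empty setting: every domain may be added
    domain = mail_domain(login)
    # Compare the whole domain. A suffix or substring test would also
    # accept look-alikes that merely contain a configured domain.
    return domain is not None and domain in allowed


# Constructed sample setting and logins (not taken from the page).
SAMPLE_SETTING = ["Example.com ", "partner.example"]
SAMPLE_LOGINS = [
    "alice@example.com",           # configured domain
    "Bob@EXAMPLE.COM.",            # same domain, different case, trailing dot
    "eve@notexample.com",          # only ends with a configured domain
    "eve@example.com.other.test",  # only starts with a configured domain
    "carol@mail.example.com",      # subdomain, not configured itself
    "no-at-sign",                  # not an e-mail address
]

if __name__ == "__main__":
    for login in SAMPLE_LOGINS:
        print(f"{login!r:32} -> {may_add_user(login, SAMPLE_SETTING)}")
```

Whether a configured domain should also cover its subdomains is a policy choice; this sketch requires each subdomain to be listed explicitly.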