Security

Overview

The Security section enables admins to configure and monitor security-related functionality within the Quiq platform.

General Tab

Trusted Domains

Configures the domains that are allowed to host Quiq applications, such as Quiq Web Chat. The default is All Domains, but for a high-security environment such as production we suggest you set this field to Whitelisted Domains and provide a list of trusted domains.

IP Whitelist

IP address ranges that are allowed to access your Quiq agent applications and APIs. An empty value indicates access is allowed from any IP address, which is the default.

Unsafe Links

Quiq can warn agents about potentially unsafe links found in incoming messages using data provided by Google. Google works to provide the most accurate and up-to-date information about unsafe web resources. However, Google cannot guarantee that its information is comprehensive and error-free: some risky sites may not be identified, and some safe sites may be identified in error.

Two-Factor Authentication (2FA)

The "Require Two-Factor Authentication" toggle button (disabled by default) gives you the ability to enforce 2FA setup for all users. The toggle button is read-only for Admins who haven't yet set up 2FA for their own account; once an Admin sets up 2FA, it becomes editable for them. The new 2FA section isn't available in sites with a CRM integration.

Public API Keys Tab

API keys are used to abstract a user account’s credentials for the purposes of making calls to Quiq API endpoints such as StartConversation or SendNotification. This page provides a list of all the keys created for various users. Keys are managed in Admin > Users.

Audit Log Tab

Certain key events are now logged for review by Quiq application admins. The current event types include configuration updates and user creates and edits:

CSV Export

Admins can perform a CSV export of Audit Log data using the Export Audit Log Data button. The Audit Log CSV export will include a maximum of 100,000 rows, sorted by timeStamp descending. When the Entry Type Filter is populated in the Audit Log page so that a single event type is returned, an export initiated from that view will contain only data for the Entry Type selected in that filter.

Connection Settings Tab

Allows egress domain checking to be enabled, which will be applied when creating or updating outbound connections from within the Quiq application - this setting is disabled by default. When enabled, egress domain checking doesn't affect the runtime behavior of existing outbound connections from Quiq - it's only enforced when configuring outbound connections from within the Quiq application in the following product areas:

  • Adding & updating AI Studio API Resources
  • Adding & updating HTTP connections in AI Studio Call API behaviors
  • Adding & updating Webhooks in Admin > Webhooks
  • Adding & updating Admin > CRM settings

The Connection Settings tab contains an Egress Domain Checking Enabled toggle button that's disabled by default. When that toggle button is enabled, an Egress Allowed Domains field displays, where a list of allowed domains can be added. Once the Egress Domain Checking Enabled toggle button is enabled, all domains that you want to allow when configuring outbound connections from Quiq should be added to the allowed domains list. When egress domain checking is enabled and an outbound connection in one of the product areas listed above is created or updated to include a URL with a domain that isn't included in the allowed domains list, an error will display when saving and the create/update action will fail.

Email Settings Tab

Allows email address domain checking to be enabled, which will be applied when creating or updating Quiq Users in Admin > Users (this also applies to Bots/AI Agents in Admin > Bots). This setting is disabled by default. Enabling email address domain checking can add an extra level of security by limiting the domains allowed in Quiq User email addresses to a specific list of domains that you define for your Quiq site. You can also specify an exact email address to allow a specific user with a different domain. When enabled, email address domain checking is only enforced when creating or updating Users within Quiq; it doesn't have any runtime effect on Users accessing the Quiq application.

The Email Settings tab contains an Email Domain Checking Enabled toggle button that's disabled by default. When that toggle button is enabled, an Email Allowed Domains field displays, where a list of allowed domains or exact email addresses can be added. Once the Email Domain Checking Enabled toggle button is enabled, all domains that you want to allow when setting the Email Address for Quiq Users (or Bots/AI Agents) should be added to the allowed domains list. When email address domain checking is enabled and a Quiq User is created or updated with an Email Address that contains a domain that isn't included in the allowed domains list, an error will display when saving and the create/update action will fail.
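Egress and email domain checking are both enforced only on create/update, so existing outbound connections and users are worth checking against the planned lists before either toggle is enabled. The following is an added example, not Quiq code, that runs that pre-check offline. Exact, case-insensitive matching is an assumption (the page does not describe how Quiq compares entries), and all names, URLs and addresses are constructed.

```python
from urllib.parse import urlsplit

def norm(entry):
    # Assumption: comparison ignores case, surrounding space and a trailing dot.
    return entry.strip().rstrip(".").lower()

def url_host(url):
    """Host of an http(s) URL without userinfo or port, or None if unusable."""
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # text before '@' and after ':' is dropped here
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not host:
        return None
    return norm(host)

def egress_rejects(connections, allowed_domains):
    """(name, url) pairs whose host is not exactly on the allowed list."""
    allowed = {norm(d) for d in allowed_domains}
    return [(n, u) for n, u in connections if url_host(u) not in allowed]

def email_rejects(emails, allowed_entries):
    """Addresses matching neither an allowed domain nor an exact address."""
    entries = {norm(e) for e in allowed_entries}
    rejected = []
    for raw in emails:
        email = norm(raw)
        local, sep, domain = email.rpartition("@")
        well_formed = bool(sep and local and domain)
        if not well_formed or not (email in entries or domain in entries):
            rejected.append(raw)
    return rejected

# Constructed sample data: planned allow-lists and existing configuration.
EGRESS_ALLOWED = ["api.example.com", "hooks.example.net"]
CONNECTIONS = [
    ("crm-sync", "https://api.example.com/v2/contacts"),
    ("order-webhook", "https://HOOKS.example.net:8443/orders"),
    ("lookalike-suffix", "https://api.example.com.other.test/v2"),
    ("userinfo-prefix", "https://api.example.com@files.example.org/x"),
    ("subdomain", "https://eu.api.example.com/v2"),
]
EMAIL_ALLOWED = ["example.com", "contractor@partner.example.org"]
USERS = ["alice@example.com", "Bob@Example.COM", "contractor@partner.example.org",
         "other@partner.example.org", "dave@mail.example.com", "no-at-sign"]

if __name__ == "__main__":
    print("connections to review:", egress_rejects(CONNECTIONS, EGRESS_ALLOWED))
    print("users to review:", email_rejects(USERS, EMAIL_ALLOWED))
```

Anything the script reports either needs an entry on the relevant allowed list or should be corrected before the next edit of that connection or user, since that is when a save would fail.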