Reference13r1:Concept myApps: Difference between revisions

From innovaphone wiki
Jump to navigation Jump to search
Line 82: Line 82:
=== Logging out ===
=== Logging out ===
In the installable version a logout can be done in the myApps menu at "Account security" / "Current session".
In the installable version a logout can be done in the myApps menu at "Account security" / "Current session".
== Apps ==
=== Home screen ===
The home screen contains tiles that represent apps or items from apps - generally speaking links to apps. For example the user can place his phone app next to a contact from a contact app. Those tiles can be organized in named groups that can be collapsed, if they are currently not needed.
Tiles contain an icon, the name of the app or item and optionally a presence and a badge count provided by the app.
The home screen is synchronized over all sessions of the user. So after logging in to a new device the home screen is already in place.
The home screen is stored at the user object in the PBX. The admin can see and configure it in the admin UI at "Edit User"/"User"/"Home Screen Apps". It is a comma-separated list of app links. Items starting with a colon are groups. Items starting with two colons are collapsed groups.
For example
    :Apps,chat,users::Contacts,users?id=jdo#d=John%20Doe&s=jdo
corresponds to
* Apps (group)
** Chat
** Users
* Contacts (collapsed group)
** "John Doe" from the app "users"
There are two ways for the user to add new items to the home screen:
* Click the home symbol at an app in the "All apps" view.
* Click an attach icon at an item inside an app.
Apps can be removed again the same way or by longpressing the tile and clicking "Remove from home".

Revision as of 20:30, 4 March 2019

Applies To

This information applies to

  • innovaphone PBX from version 13r1

Overview

innovaphone myApps is the client software for innovaphone users and administrators. The base functionality is provided by a web application that is loaded from the PBX. Additionally there are installable versions for Windows, Android and iOS that come with an integrated browser and implement adaptions to the local operating system.

The purpose of myApps is to organize and run apps. All productive functionality is provided by additional apps that run inside myApps.

Requirements

Web version

For opening myApps in the web browser you need the most recent version of one of the following browsers:

  • Chrome
  • Firefox
  • Safari
  • or Edge

The following browser features are required and must not be disabled:

  • JavaScript
  • HTML5 Local Storage

myApps for Windows

  • Windows ? or higher (to be defined)

myApps for iOS

  • iOS ? or higher (to be defined)

myApps for Android

  • Android ? or higher (to be defined)

Licenses

  • No license needed for myApps itself
  • Apps might require licenses

Account

  • A user account (user object) on the PBX is needed in order to use myApps.

Features

myApps comes with the following features:

  • User login including two-factor authentication.
  • Display and set the own presence.
  • List of all available apps.
  • Running apps (inside an iframe).
  • Home screen with user-selected apps and app items that can be organized in collapsible groups.
  • List of all myApps-Logins. Unused or suspicious sessions can be logged out remotely.
  • Color scheme selection (light, dark).
  • Configuration of standard apps for certain functions (like phone calls or chat).
  • Link to account specific settings provided by a separate app (profile).

All other functionality is provided by apps. For example phone calls require a phone app. Chats require a chat app.

Details

Connecting to the PBX

The myApps web application is loaded from the PBX. The corresponding URL for opening myApps in a browser is

 https://<pbx-hostname>/PBX0/APPCLIENT/appclient.htm

The installable versions ask for the "server name" on the first startup. Enter the host name of the PBX to proceed to the login screen. You can change the server afterwards by logging out and clicking the "Change server" link on the login screen.

Authentication and security

For using myApps you need an account (user object) on the pbx with a password. For logging-in you need to enter the username (SIP-URI) or email address and the password.

Permanent sessions

On each successful login on a new browser or new device a permanent session is created that is defined by a session id and a session password. Those are stored both in the local storage of the browser and at the user object in the PBX. If the user closes myApps and opens it again, the stored session is used. Only when logging-out the session is deleted in both places and the login screen is shown again.

Note that the user password is never transmitted over the network or permanently stored in the browser.

The user can keep track of all his permanent sessions in the myApps menu under "Account security". Sessions that are not needed anymore can be deleted here. The corresponding browser or device is logged out on-the-fly.

Two-factor authentication

The purpose of two-factor authentication is to maintain an additional level of security that prevents attackers form logging-in even if they compromised a users password. Therefore we strongly recommend to use it.

It can be activated during installation of the PBX or in the admin UI under PBX/Config/Authentication. If activated, the password alone is not sufficient for logging-in but the user must also verify the new session by

  • Confirming it in a dialog displayed on any existing myApps session.
  • Clicking a link that is sent to the email address configured at the user object.

In both cases a security code is displayed that should be compared to the one that is shown on the login screen of the new session. If it is the same the user can be sure that he is confirming his own login but not the possible concurrent login of an attacker.

The email account for sending the verification emails can be configured during installation of the PBX, in the PBX Manager plugin "Email" or in the admin UI under PBX/Config/Authentication.

If a user is notified about a login attempt he did not do, it means that the user password is compromised. The following should be done in such cases:

  • Reject the session (email link or displayed dialog)
  • Inform the administrator
  • Change the user password

Using Windows passwords

Instead of using the passwords configured at the user object, the Windows password can be used. Please see Reference13r1:Concept_Netlogon_and_myPBX_Windows_Authentication for details.

Logging out

In the installable version a logout can be done in the myApps menu at "Account security" / "Current session".

Apps

Home screen

The home screen contains tiles that represent apps or items from apps - generally speaking links to apps. For example the user can place his phone app next to a contact from a contact app. Those tiles can be organized in named groups that can be collapsed, if they are currently not needed.

Tiles contain an icon, the name of the app or item and optionally a presence and a badge count provided by the app.

The home screen is synchronized over all sessions of the user. So after logging in to a new device the home screen is already in place.

The home screen is stored at the user object in the PBX. The admin can see and configure it in the admin UI at "Edit User"/"User"/"Home Screen Apps". It is a comma-separated list of app links. Items starting with a colon are groups. Items starting with two colons are collapsed groups.

For example

   :Apps,chat,users::Contacts,users?id=jdo#d=John%20Doe&s=jdo

corresponds to

  • Apps (group)
    • Chat
    • Users
  • Contacts (collapsed group)
    • "John Doe" from the app "users"

There are two ways for the user to add new items to the home screen:

  • Click the home symbol at an app in the "All apps" view.
  • Click an attach icon at an item inside an app.

Apps can be removed again the same way or by longpressing the tile and clicking "Remove from home".