This feature introduces a robust security enhancement for API access within Zenople by Aqore. It involves creating a dedicated API key for mobile applications (Android and iOS) and restricting the existing API key to specific web domains:
- aqore.com
- zenople.com
The goal is to prevent unauthorized API usage and potential leakage while ensuring uninterrupted functionality for both mobile and web platforms. This update strengthens data protection, improves compliance, and maintains operational efficiency across all supported environments.
Functionality
1. Feature Addition
- New API Key for Mobile Apps:
- Dedicated key for Android and iOS applications.
- Configured to block usage from web domains.
- Updated Existing API Key:
- Restricted to allow access only from the specified web domains: aqore.com, zenople.com.
2. Behavior
- Mobile apps (Android and iOS) will exclusively use the new API key.
- Web applications will continue using the existing API key, now restricted to approved domains.
- Unauthorized attempts from non-approved sources will be denied automatically.
3. Applicability
- Applies to Zenople Mobile Applications (Android and iOS) and Web Applications.
- Relevant modules include:
- Assignment Map View
- ZenTime
- Push Notifications
- Google SSO
- Map Launcher
- No impact on unrelated modules or existing workflows.
Additional Notes
- Verified features unaffected by API key changes:
- Map View (iOS and Android)
- Google SSO (Android)
- Polyline Feature (restored functionality)
- Reverse Geocoding (Android and iOS)
- Map Launcher (Google Maps and Apple Maps integration)
- Push Notifications
- ZenTime Firebase Loading
- White-label apps are fully supported under this configuration.
- Ensure proper deployment of API keys in respective environments before release.