Containers - Workspace security

Sphere Engine Containers Workspace provides mechanisms for secure integration. workspace_token protects the workspace from unauthorized use.

Workspace token

In a production environment, we recommend using the workspace_token that fully protects the widget from unauthorized use. It should be enabled in the API call which creates the workspace.

curl -X POST -F "project_id=__PUT_HERE_PROJECT_ID__" -F "workspace_token_required=true" "https://<customer_id><access_token>"

Attaching a workspace token

Workspace token should be attached to the embedded workspace in the form of the appropriate HTML attributes with the data-prefix:

  • data-workspace-token for the workspace-token parameter,

An example of HTML code used to embed a widget prepared to support the signature:

<div class="se-workspace"