{"_id":"58b75dc52ac83125007f4926","__v":0,"project":"545137a814af501a00b50cf9","category":{"_id":"545137a814af501a00b50cfd","project":"545137a814af501a00b50cf9","version":"545137a814af501a00b50cfc","pages":["545137a814af501a00b50cff","5451389e14af501a00b50d11","5451384514af501a00b50d04","546b8edb62515a14007ebc39","546b9214b47b5d1400109efa","546b922862515a14007ebc4f","546b9234b47b5d1400109efc","546b924762515a14007ebc51","546b925662515a14007ebc53","546fdac1691dc8080089521d","547374bd007eb108007e0380"],"__v":11,"sync":{"url":"","isSync":false},"reference":false,"createdAt":"2014-10-29T18:53:28.598Z","from_sync":false,"order":0,"slug":"documentation","title":"Documentation"},"version":{"_id":"545137a814af501a00b50cfc","project":"545137a814af501a00b50cf9","__v":11,"createdAt":"2014-10-29T18:53:28.525Z","releaseDate":"2014-10-29T18:53:28.525Z","categories":["545137a814af501a00b50cfd","545138eaa66f020800dbab4a","546b9072b47b5d1400109edf","546b9082b47b5d1400109ee0","546b9088b47b5d1400109ee1","546b909462515a14007ebc43","546b90a0b47b5d1400109ee2","546ced235884600e007a92f6","5481008eea7fd40b00cd7c2b","573b9d83ee2b3b220042291f","57be1efa15efc70e006a5f99"],"is_deprecated":false,"is_hidden":false,"is_beta":true,"is_stable":true,"codename":"","version_clean":"1.0.0","version":"1.0"},"parentDoc":null,"user":"5638f69b22afbc0d001f23c1","updates":[],"next":{"pages":[],"description":""},"createdAt":"2017-03-01T23:48:21.197Z","link_external":false,"link_url":"","githubsync":"","sync_unique":"","hidden":false,"api":{"results":{"codes":[]},"settings":"","auth":"required","params":[],"url":""},"isReference":false,"order":6,"body":"The following items are required or recommended for client apps and integrations that use the Yammer Platform. In addition, a data security survey is required for apps that are submitted for Global Access permission or inclusion in the Yammer App Directory. The survey link is shared after the app submission.\n\n**Required**\n\n  *  *** **   Encrypted in transit and storage: Yammer authorization tokens and PII\n\n  *  *** **   Access control on data storage, if customer information is kept\n\n  *  *** **   An SSL redirect URI\n</p>\n**Recommended**\n\n  *  *** **  Regular cadence of security testing on environment\n\n  *  *** **  Implement IDS (Intrusion Detection System)\n\n  *  *** **  Adequate logging of events","excerpt":"","slug":"app-security-requirements","type":"basic","title":"App Security Requirements"}

App Security Requirements


The following items are required or recommended for client apps and integrations that use the Yammer Platform. In addition, a data security survey is required for apps that are submitted for Global Access permission or inclusion in the Yammer App Directory. The survey link is shared after the app submission. **Required** * *** ** Encrypted in transit and storage: Yammer authorization tokens and PII * *** ** Access control on data storage, if customer information is kept * *** ** An SSL redirect URI </p> **Recommended** * *** ** Regular cadence of security testing on environment * *** ** Implement IDS (Intrusion Detection System) * *** ** Adequate logging of events