Ziflow

Ziflow administrators can enable security settings that vary by plan level.

Depending on the type of your Ziflow subscription, you may see different options: 

Allow embedding the Ziflow application (all Ziflow editions) - embedding the Ziflow application in an iframe makes it susceptible to the click-jacking security vulnerability. You can decide which parts of Ziflow could be embedded.

Allow popups to escape sandbox for Live Websites - if enabled, Ziflow Viewer will return the allow-popups-to-escape-sandbox policy making it possible to run javascript outside of the sandbox. This setting allows opening live content proofs that open a link in a new window.

Allow to keep users logged in (all Ziflow editions) - if enabled, users can select the “Keep me logged in” option when logging in to the platform, which will keep their session for seven days.

Keep authentication session (Enterprise edition only) - this setting lets you define after what time the user session is stopped.

Disable user account when inactive (Enterprise edition only) - this option automatically disables inactive users after a set time.

Account lockout (all Ziflow editions) - when turned on, users will be locked out when they provide the wrong password five times. System admins may <a href="https://intercom.help/ziflow/en/articles/5688773-managing-ziflow-contacts#h_b755b620d2" rel="nofollow noopener noreferrer" target="_blank">enable the locked-out users</a>. The feature is not supported if users are authenticating with <a href="https://intercom.help/ziflow/en/articles/5856659-single-sign-on-sso" rel="nofollow noopener noreferrer" target="_blank">SSO</a>.

1. Allow embedding the Ziflow application (all Ziflow editions) - embedding the Ziflow application in an iframe makes it susceptible to the click-jacking security vulnerability. You can decide which parts of Ziflow could be embedded. 
2. Allow popups to escape sandbox for Live Websites - if enabled, Ziflow Viewer will return the allow-popups-to-escape-sandbox policy making it possible to run javascript outside of the sandbox. This setting allows opening live content proofs that open a link in a new window.
 
3. Allow to keep users logged in (all Ziflow editions) - if enabled, users can select the “Keep me logged in” option when logging in to the platform, which will keep their session for seven days.
 
4. Keep authentication session (Enterprise edition only) - this setting lets you define after what time the user session is stopped. 
 
5. Disable user account when inactive (Enterprise edition only) - this option automatically disables inactive users after a set time.
 
6. Account lockout (all Ziflow editions) - when turned on, users will be locked out when they provide the wrong password five times. System admins may <a href="https://intercom.help/ziflow/en/articles/5688773-managing-ziflow-contacts#h_b755b620d2" rel="nofollow noopener noreferrer" target="_blank">enable the locked-out users</a>. The feature is not supported if users are authenticating with <a href="https://intercom.help/ziflow/en/articles/5856659-single-sign-on-sso" rel="nofollow noopener noreferrer" target="_blank">SSO</a>.