Custom Domain/URL/Branding Hi all, am new he...

Lucas_Allen_Liq · 09-12-2018 05:00 PM

Custom Domain/URL/Branding

Hi all, am new here and new to Appsheet (I wish I discovered it sooner…). Is there a way to get an App onto your own custom URL and better still own custom mobile app deployment? ie I dont want my user to see url appsheet or have to download the appsheet app (I would have a custom app name).

Also does anyone have experience in running a multi-tenant setup, ie I have customers that would be separate companies, each company needs to be isoltaed completely from the others and of course have a sub-domain type setup.

I always start with the difficult questions Your advice would be appreciated

Aleksi_Alkio

#1 - When the app is developed you can Whitelabel the app. #2 - If you use a security filter for your data, one customer is able to have access their own data only. The filtering will happen on server side, not in the device. Please read more from this document…

help.appsheet.com - Security Filters: The Essentials Security Filters: The Essentials help.appsheet.com

jin_zhang

Does the white labeling include the ability to use your own custom domain url for the browser link? answer above was unclear

hru

Hi @jin_zhang, whitelabel and custom domain url is a different subject. To be able to “get” a custom domain url, you’ll need to use iframe on the app(s) and either do domain forward or through DNS setting. However, if your apps requires authorization access, the most simple way to do this is VIA a google site with iframe embeded apps, and set the published google site through a google group auth.

For an open apps (without authorization), you can see sample here which is belong to one of our leaders in this communities: http://www.able3ventures.com/

Koichi_Tsuji

Valid comment indeed, Heru.

There should be bunch of free, 1) URL shorter 2) URL masking service should be available to get the own url for Appsheet app I suppose, although I never tried on my own.

Lucas_Allen_Liq

Hi Aleksi thanks for your quick reply. Do you have a link for the whitelabelling?

Lucas_Allen_Liq

Found it!

Aleksi_Alkio

Good

Pika

Hi @Heru, To your message above, if my app does require (Google) authorization access, how would I go about creating a google group authentication (which you have mentioned above) on google sites if I want to use my app in an iframe. I tried searching for it but couldn’t find anything. The iframe always gives me an error saying " www.appsheet.com refused to connect." when I publish the website.

Steve

I’m pretty sure AppSheet (no longer?) works with authentication in an iframe.

Pika

@Steve Is there any way to make it work with authentication? The reason why I need authentication is to identify unique users and display their data only to them. So no one else can see their personal info. I would prefer to do it through an iframe.

Steve

To my knowledge, no. My impression is that iframes aren’t secure, bit that’s just an impression I’ve developed from a distant perspective–I have no direct experience with iframes.

You’re welcome to contact support@appsheet.com with your question to get a more authoritative (and possibly different?) answer.

Rifad

Is there any possible work around to achieve the private app embedded into website ?

GreenFlux

The OAuth2 web standard recommends avoiding iframes for authentication, so most web services are going to block it.

10.13. Clickjacking

In a clickjacking attack, an attacker registers a legitimate client and then constructs a malicious site in which it loads the authorization server’s authorization endpoint web page in a transparent iframe overlaid on top of a set of dummy buttons which are carefully constructed to be placed directly under important buttons on the authorization page. When an end-user clicks a misleading visible button, the end-user is actually clicking an invisible button on the authorization page (such as an “Authorize” button). This allows an attacker to trick a resource owner into granting its client access without their knowledge.

To prevent this form of attack, native applications SHOULD use external browsers instead of embedding browsers within the application when requesting end-user authorization. For most newer browsers, avoidance of iframes can be enforced by the authorization server using the (non-standard) “x-frame-options” header.

This header can have two values, “deny” and “sameorigin”, which will block any framing, or framing by sites with a different origin, respectively. For older browsers, javascript framebusting techniques can be used but may not be effective in all browsers.

Rifad

Thanks a lot for your reply Joseph.

hru

Hi @Pika, the method I stated above is no longer working since around last month. Since then, I’ve changed the page to show just a link to a subdomain forwarded to the app.

Hoachledinh

You can use this code to make an index.html file then upload it to your hosting.
It can make your web fully responsive with Appsheet.
demo https://drebest.com/app

<html lang="en" class="no-js">
   <head>
      <meta charset="utf-8">
      <meta name="viewport" content="width=device-width,initial-scale=1.0">
      <style>
      html body {width: 100%;height: 100%;padding: 0px;margin: 0px;overflow: hidden;font-family: arial;font-size: 10px;color: #6e6e6e;background-color: #000;} #preview-frame {width: 100%;background-color: #fff;}</style>
      <script src="https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js"></script>
      <script>
         var calcHeight = function() {
           $('#preview-frame').height($(window).height());
         }

         $(document).ready(function() {
           calcHeight();
         }); 

         $(window).resize(function() {
           calcHeight();
         }).load(function() {
           calcHeight();
         });
      </script>
   </head>
   <body>
      <iframe id="preview-frame" src="**Your Appsheet Url**" name="preview-frame" frameborder="0" noresize="noresize">
      </iframe>
   </body>
</html>

jonbowles84

*SOLVED: Iframe functionality only works if the app does not require users to sign in....

Hi @Hoachledinh , I have tried your index.html and I get "www.appsheet.com refused to connect." any ideas? The url works outside of the index.html...

Hocappsheet

Bạn cho mình xin số điện thoại, mình nhờ bạn trỏ tên miền thay vì phải mở app bằng một link dài ngoằng. cảm ơn bạn nhé

DarwinC12

Hello @Hoachledinh can you help me how to make resend the password?