Ability to access Client IP adress

Related products: Indicium Service Tier

When we need to provide API access to our data we want to ensure that the connection is secure. We utilize session_id’s to achieve this.

Currently, we lack the ability prevent session hijacking or session ID guessing because we can't bind session_id with other client properties, like the IP address or User-Agent.

https://cheatsheetseries.owasp.org/cheatsheets/Session_Management_Cheat_Sheet.html#binding-the-session-id-to-other-user-properties

Page 1 / 1

Updated idea status New → Planned

Hi Bas,

We have already planned this for the 2021.2 release, scheduled for April, by expanding the default session variables with information of not only the user's language, but also the IP address, time zone and more!

Hi,

thinks this issue can be marked as resolved.

Documentation about this feature can be found here

https://docs.thinkwisesoftware.com/docs/sf/business_logic/#generated-session-variables

Updated idea statusPlanned→Completed

Sign up

Login to the Thinkwise Software Community

Scanning file for viruses.

This file cannot be downloaded