Skip to main contentSecurity
It is recommended for businesses to also define allowed origins which are whitelisted domains that are allowed to host the messenger.
- Allowed Origins (Whitelist): Define whitelisted domains allowed to host the messenger
- HTTPS: Always use secure connections
- Encryption: All data is encrypted in transit and at rest
- Publishable Key: Use publishable keys for client-side integration
- CORS Validation: Cross-origin resource sharing validation
- Server-side Validation: Validate requests on your backend
