Description
For several use cases, customers might need to securely download per-application or per-activation configuration. We should facilitate the functionality via a standard API.
- Configuration should be per-app or per-activation
- Content of the configuration should be end-to-end protected (i.e., should not be available to any intermediary application or proxy, including Enrollment server)
- Content should be dynamically adjustable by intermediary applications or proxy (of course, this part will be known to that particular intermediary application or proxy)
- Storage of the values in our systems should be protected by encryption.
The app might decide to call the endpoints on every launch. The app could also cache the last result (store the data in the Keychain) and only fetch the information once. We should allow both scenarios.
Acceptance criteria
No response
Technical specification
No response
QA specification
No response
Description
For several use cases, customers might need to securely download per-application or per-activation configuration. We should facilitate the functionality via a standard API.
The app might decide to call the endpoints on every launch. The app could also cache the last result (store the data in the Keychain) and only fetch the information once. We should allow both scenarios.
Acceptance criteria
No response
Technical specification
No response
QA specification
No response