Server action protocol?

  

Hi,

Can someone tell me which protocol Outsystems use to communicate between the client and the server in mobile apps when it runs a server action? 

I've read this: https://success.outsystems.com/Documentation/10/Developing_an_Application/Implement_Application_Logic/Actions_in_Mobile_Apps but it didn't answer my question.


Thank you!

Hi Fábio, is there some reason to doubt that Outsystems is using the protocol HTTPS:443 or HTTP:80?

Because I think that's it.




PAULO RICARDO FAGUNDES JUNIOR wrote:

Hi Fábio, is there some reason to doubt that Outsystems is using the protocol HTTPS:443 or HTTP:80?

Because I think that's it.





Hi Paulo, thank you for your reply!

Can you provide a link where did you get this information?

Thank you!

Fábio Dias wrote:

PAULO RICARDO FAGUNDES JUNIOR wrote:

Hi Fábio, is there some reason to doubt that Outsystems is using the protocol HTTPS:443 or HTTP:80?

Because I think that's it.





Hi Paulo, thank you for your reply!

Can you provide a link where did you get this information?

Thank you!

Fábio, I don't have this information. I just imagine it to be so, because it is the most common and simplest form.


PAULO RICARDO FAGUNDES JUNIOR wrote:

Fábio Dias wrote:

PAULO RICARDO FAGUNDES JUNIOR wrote:

Hi Fábio, is there some reason to doubt that Outsystems is using the protocol HTTPS:443 or HTTP:80?

Because I think that's it.





Hi Paulo, thank you for your reply!

Can you provide a link where did you get this information?

Thank you!

Fábio, I don't have this information. I just imagine it to be so, because it is the most common and simplest form.



Thank you for the information. I'm not an expert in communication protocols, I just wanted to know because I'm using Outsystems in my master thesis and it could be useful to know.

Solution

Fábio Dias wrote:

Hi,

Can someone tell me which protocol Outsystems use to communicate between the client and the server in mobile apps when it runs a server action? 

I've read this: https://success.outsystems.com/Documentation/10/Developing_an_Application/Implement_Application_Logic/Actions_in_Mobile_Apps but it didn't answer my question.


Thank you!


Hi Fabio,


Secure data in transit

In addition to securing the device and the app, the channel that transports sensitive information between the backend and the device should also be considered.

Mobile applications created with OutSystems require that all communication uses the HTTPS protocol with a valid certificate. This ensures that all data transferred across the channel is encrypted.


Take care of the man in the middle

Even with an encrypted channel you should prevent man-in-the-middle attacks by validating the origin of the information you receive. This is achieved with a technique called SSL pinning which validates the certificate used to encrypt the information in the communication channel matches the one you expect.

Implementing SSL pinning in OutSystems mobile apps is simple using the SSL pinning plugin.



Reaching your corporate network

Many times your mobile apps need to communicate with a backend that resides behind firewalls in the corporate network. The usual approach is to use a VPN to securely access the corporate network. This means that a VPN configuration needs to be set in the device so the applications can reach the backend.

Operating systems allow creating these VPN connections but this imposes not only a configuration issue - the end user needs to know how to configure it and to switch the connection on before using the app - but also a security issue. A system-wide VPN configuration means that any app that runs on the device also has access to the corporate network.

MAM tools allow the configuration of per-app VPNs, which solve both problems. Since the configuration is bundled in the app, the user no longer needs to perform this configuration on the device. When the app starts, the VPN connection is established automatically. Only that app can use the VPN tunnel to communicate with the backend, preventing other apps from accessing the corporate network.


For more information about this....Please refer below document link

https://success.outsystems.com/Evaluation/Security/02_Security_of_OutSystems_applications/06_How_can_I_create_secure_mobile_apps%3F

Enjoy !!!

Best Regards,

Amit Verma

Solution

Amit Verma wrote:

Fábio Dias wrote:

Hi,

Can someone tell me which protocol Outsystems use to communicate between the client and the server in mobile apps when it runs a server action? 

I've read this: https://success.outsystems.com/Documentation/10/Developing_an_Application/Implement_Application_Logic/Actions_in_Mobile_Apps but it didn't answer my question.


Thank you!


Hi Fabio,


Secure data in transit

In addition to securing the device and the app, the channel that transports sensitive information between the backend and the device should also be considered.

Mobile applications created with OutSystems require that all communication uses the HTTPS protocol with a valid certificate. This ensures that all data transferred across the channel is encrypted.


Take care of the man in the middle

Even with an encrypted channel you should prevent man-in-the-middle attacks by validating the origin of the information you receive. This is achieved with a technique called SSL pinning which validates the certificate used to encrypt the information in the communication channel matches the one you expect.

Implementing SSL pinning in OutSystems mobile apps is simple using the SSL pinning plugin.



Reaching your corporate network

Many times your mobile apps need to communicate with a backend that resides behind firewalls in the corporate network. The usual approach is to use a VPN to securely access the corporate network. This means that a VPN configuration needs to be set in the device so the applications can reach the backend.

Operating systems allow creating these VPN connections but this imposes not only a configuration issue - the end user needs to know how to configure it and to switch the connection on before using the app - but also a security issue. A system-wide VPN configuration means that any app that runs on the device also has access to the corporate network.

MAM tools allow the configuration of per-app VPNs, which solve both problems. Since the configuration is bundled in the app, the user no longer needs to perform this configuration on the device. When the app starts, the VPN connection is established automatically. Only that app can use the VPN tunnel to communicate with the backend, preventing other apps from accessing the corporate network.


For more information about this....Please refer below document link

https://success.outsystems.com/Evaluation/Security/02_Security_of_OutSystems_applications/06_How_can_I_create_secure_mobile_apps%3F

Enjoy !!!

Best Regards,

Amit Verma


Thank you!

Fábio Dias wrote:

Amit Verma wrote:

Fábio Dias wrote:

Hi,

Can someone tell me which protocol Outsystems use to communicate between the client and the server in mobile apps when it runs a server action? 

I've read this: https://success.outsystems.com/Documentation/10/Developing_an_Application/Implement_Application_Logic/Actions_in_Mobile_Apps but it didn't answer my question.


Thank you!


Hi Fabio,


Secure data in transit

In addition to securing the device and the app, the channel that transports sensitive information between the backend and the device should also be considered.

Mobile applications created with OutSystems require that all communication uses the HTTPS protocol with a valid certificate. This ensures that all data transferred across the channel is encrypted.


Take care of the man in the middle

Even with an encrypted channel you should prevent man-in-the-middle attacks by validating the origin of the information you receive. This is achieved with a technique called SSL pinning which validates the certificate used to encrypt the information in the communication channel matches the one you expect.

Implementing SSL pinning in OutSystems mobile apps is simple using the SSL pinning plugin.



Reaching your corporate network

Many times your mobile apps need to communicate with a backend that resides behind firewalls in the corporate network. The usual approach is to use a VPN to securely access the corporate network. This means that a VPN configuration needs to be set in the device so the applications can reach the backend.

Operating systems allow creating these VPN connections but this imposes not only a configuration issue - the end user needs to know how to configure it and to switch the connection on before using the app - but also a security issue. A system-wide VPN configuration means that any app that runs on the device also has access to the corporate network.

MAM tools allow the configuration of per-app VPNs, which solve both problems. Since the configuration is bundled in the app, the user no longer needs to perform this configuration on the device. When the app starts, the VPN connection is established automatically. Only that app can use the VPN tunnel to communicate with the backend, preventing other apps from accessing the corporate network.


For more information about this....Please refer below document link

https://success.outsystems.com/Evaluation/Security/02_Security_of_OutSystems_applications/06_How_can_I_create_secure_mobile_apps%3F

Enjoy !!!

Best Regards,

Amit Verma


Thank you!

Most Welcome Fabio :)

Thanks,

AV