The Enterprise Security function pack provides enterprise-level security features at an affordable price. Session Manager lets you dig into user access to your application.
Session Manager is a valuable security feature that lets you see when any user accessed your application and easily log the user out. This provides a layer of protection from malicious user access, as well as information about which users were active at a given time.
The feature comes standard as part of the Enterprise Security function pack which can be added to any Backendless paid plan.
The key elements of Session Manager are highlighted in the screenshot below.
Session Manager has four primary components:
- Logout
Terminate all sessions for a given user. - Find user’s record in the database
View the user record in theUserstable in the database. There, you can edit the user as normal. For example, if you suspect the user is doing something malicious, you can logout the user (above) and then switch theuserStatustodisabledto prevent them from accessing your application.
→ Watch how User Status works - Show/hide user sessions
View the user’s login history and the token used by the user to access your application. - Copy the user’s token
By copying the user’s token for a given session, you can impersonate the user. This lets you test API calls to ensure that your security precautions are working as you expect them to.
Session Manager is just one of the enterprise-caliber database security measures Backendless has put in place with the Enterprise Security function pack. You can read about the other key features below:
The Enterprise Security function pack lets you develop enterprise-scale applications with or without code on the Backendless platform while maintaining maximum security.