AEM Frequently Asked Questions

Q/ Does a webpage's raw data get submitted to Crownpeak through API call?
A/ Yes. A json response with the list of errors found on the page is returned.


Q/ Is there a need to download the list of rules and validation to run on the AEM?
A/ No. 


Q/ Are the submitted raw data stored at Crownpeak's side before it is processed?
A/ Yes, retention policy is 2 days.  


Q/ What are the checks / security procedures in place to safeguard the webpage content? 
A/ The data is transferred securely over HTTPS and it is stored as plain text. The use of the AEM plugin is initiated by the user. If they are publishing data of an extremely confidential nature they can choose not to use the plugin.  

Q/ How are the API keys secured at Crownpeak's side?
A/ The keys are issued by AWS Amazon API Gateway and stored in our database, in which only authorised Crownpeak operational personnel have access to the database 


Q/ What happens if an API key is compromised?
A/ The key will be revoked in AWS Amazon API Gateway and a new API key will be issued from within the Crownpeak DQM platform, in which only authorised operational personnel have the rights to issue new API keys.


Q/ What are the checks / security procedures in place to safeguard the API keys?
A/ The API key usage is reviewed periodically. Any abnormal and/or unexpected usage is raised with the client. In real terms, a compromised API key would only enable someone to submit content and then scan that content for errors.

Labels (1)
Version history
Revision #:
3 of 3
Last update:
‎05-08-2019 06:16 AM
Updated by:
 
Contributors
Looking for more?
Ask in Discussions
Developers

Peer-to-peer support  and answers on developing CMS templates, modifying privacy scripts or building integrations.

Digital Experience Management

Find answers and ask questions on content management, personalization and targeting.

Digital Quality Management

Find answers and ask questions on WCAG and SEO quality management.

Digital Governance

Find answers and ask questions on consent and monitoring solutions.