Skip to main content

FAQ

Q: How do I modify a template?

A: Before modifying A template, you need to understand the business relationship between the application forms of the template, for example, check whether business association rules and data linkage are configured between the forms.

Modify steps:

  1. Log on to the web pageYIDA Workbench, click enterMy applicationThe page.
  2. Select the application to be modified, click to go to the application details page, find the form to be modified, and clickEditButton.
  3. On the form editing page, modify the corresponding form or component.

Q: Why am I the master/sub management of the DingTalk address book but do not have YIDA permissions?

A: Check whether YIDA platform administrator is set in the YIDA application.

  • If YIDA platform administrator is set, the administrator permissions of YIDA platform are the largest.
  • If YIDA platform administrator is not set, YIDA automatically inherits the primary administrator and sub-administrator in the DingTalk Organization address book.

Q: Can the operation logs of YIDA applications be exported? Can I view, delete, or modify records?

A: The application operation record log cannot be viewed at present. Currently, you can only view the page history record of the page dimension and cannot export this information.

Q: Is the cloud data storage of YIDA encrypted with an hengmi shield?

A: anhengmi shield is not used, but YIDA uses Alibaba's self-developed security database for data assurance. Data transmission is transmitted through encrypted channels throughout the process.

Q: Has YIDA passed the third-level insurance certification? Whether the application built with YIDA automatically has the third-level assurance certification.

A: YIDA is an official application under DingTalk and has passed the national third-level insurance certification.However, if each enterprise tenant uses applications produced or built on YIDA, it does not have the third-level insurance standard by default. You need to contact a third party to apply for separate certification (additional fees are required).

Q: What are the certified security guarantees for YIDA?

YIDA is based on Alibaba Cloud and DingTalk security base, with complete level certification, and YIDA has passed ISO27001, ISO27018 information security management system certification..

Q: How does YIDA ensure data security on the underlying architecture?

  • The code strictly complies with the Alibaba development protocol and security protocol.
  • It is fully deployed on Alibaba Cloud. The network, computing, and storage are fully deployed in Alibaba Cloud. The platform base is developed and run using Alibaba JDK.
  • All WEB requests are encrypted using HTTPS.
  • The password itself is not output to the log and console.
  • All web pages and resources require authentication except content that is manually set to public. Authentication is performed entirely on the server. The logon portal provides anti-violence guessing and database guessing measures, and supports third-party authorized login.
  • After the user logs out, the session and related login information will be cleared immediately. COOKIE settings HTTPONLY and SECURE properties will be set.
  • Administrator users can configure their own permissions to control access to corresponding resources as required.
  • WEB protection measures. It includes preventing SQL injection, XML injection, buffer overflow, XSS cross-site scripting attacks, and CSRF cross-site request forgery.
  • File upload verifies the identity of the uploader and uses OSS file server storage alone. The file server has an independent domain name.
  • Open API calls strictly control the accessor Key and Secret, provide a data signature mechanism, intercept the call frequency and abnormal calls, and encrypt HTTPS transmission.

Q: What are the product-level data security guarantees for YIDA?

  • SAAS is used to provide services, and multi-tenant is used in design. Data between tenants is logically isolated, and tenant information cannot be accessed and shared.
  • Strict data permission configuration control capability.
  • Based on the DingTalk secure account system (real-name authentication is supported).
  • It has a unified data management interface.
This doc is generated using machine translation. Any discrepancies or differences created in the translation are not binding and have no legal effect for compliance or enforcement purposes.
Copyright © 2024钉钉(中国)信息技术有限公司和/或其关联公司浙ICP备18037475号-4