Requirements and review for your app
Requirements and review for your app
Aurora reviews all apps that run on our platform before configuring them in production to ensure your app is successful and to encourage the best user experience. We consider the design, reliability and security of the app when performing a review. Before submitting your app for review, please make sure it meets the following requirements.
Review workflow
When submitting your app for review to Aurora, please be prepared to describe the high level use case(s). We will use this to guide our testing and to make sure we're not missing any key functionality. If your application requires an account, we will need access to one to perform the review.
You can expect the following as we move through the review:
- Aurora will configure your app in one or more test tenants.
- One or more Aurora reviewers will evaluate the app against requirements listed below. This evaluation may include directly accessing any APIs that you have developed for your app.
- Aurora will provide you with feedback from the review. If any changes are needed, we will give guidance on how to address the issues.
Review requirements
Your application should meet the following requirements during the review.
Performance and reliability
- Apps should be fully functional and free of obvious bugs.
- Your app must consistently make successful API calls with low latency.
- Your app must be able to handle multiple concurrent users from the same tenant.
- For embedded apps, your app should load the minimum set of dependencies required to function properly. Avoid large bundles of code and prefer bundles that have been built specifically for the Aurora platform.
Security
- All partner apps must be accessed via HTTPS.
- Partner webhooks must use HTTPS and header-based token auth or basic auth
- Application keys may not be accessed or stored in the frontend. All interactions using application keys should take place server-side.
- Your app should request and use the minimum access levels required for your application to function.
- You may not resell or publish any data obtained from Aurora via your application.
User experience
Keep the following in mind when designing your user experience
| DO | DON'T |
|---|---|
| Simplify signup and login processes | Prompt for logins or terms of service each time |
| Create clear, actionable error messages | Use generic “something went wrong” messages |
| Call attention to input fields with invalid values | Create situations where it's unclear to the user how or where to address problems with input |
| Gracefully degrade if you get data from Aurora your tool does not support | Completely error out if you get an unsupported field from Aurora |
| Open links in new tabs in embedded apps | Open links or navigate outside your tool while still in the iframe |
| Add indicators (ex. spinners, progress bars) to denote when your embedded app is sending data to Aurora | Push data to Aurora in the background with no indicators |
Updated 4 months ago