Please log in to continue
WalkMe stores your data in the region chosen during account setup.
We have data centers in the US and EU that follow local privacy and compliance laws. If you're not sure which region to select, check with your admin.
Google Custom Search, also known as Programmable Search Engine, enables users to create a search engine for different purposes - their website, blog, or a collection of websites. They can configure this engine to search for web pages in the sites that are added to it.
This integrations connects the menu with the Programmable Search Engine, to enable users to search for public web pages directly from the menu's enterprise search.
Search from WalkMe Menu for Web pages according to your Google's Programmable Search Engine configuration.
The Enterprise Search uses 3rd-party integrations to implement a "federal search". Searches within the menu are backed by an NLP engine, and a graph database that supports a great user experience.
The Enterprise Search doesn't index 3rd-party data on an independently searchable database.
See below sequence diagram describes the searching algorithm:
To activate the Enterprise Search (and the Personalized Workspace widgets), each employee is required to grant the menu permission to access the 3rd-party.
Each time a new access token is granted to the menu, the application will encrypt the access and refresh tokens and store it in a remote database.
The encryption process includes a unique private key ("salt") that is generated for each individual at the very first bootstrap and stored in the local machine Keychain.
The salt is irreplaceable and not restorable - losing it causes the access tokens to be voided.
This security measure is being taken to eliminate identity spoofing when accessing high-sensitive data.
See the image below to review the salt generation and storage flow.
The third-party apps are being approved and verified by third-parties products.
By the end of the granting process, the third-party apps provide access and refresh tokens that are used by the search engine to establish the requests.
See 3rd-Party Access and Refresh Tokens section above for more information about the storing mechanism.
While searching, the search engine forwards the request, before hitting the Adopter Service, through the Token Injector; a service that injects the relevant tokens to accomplish the request.
The local private key is being handed off over the search HTTPS request for runtime decryption.
When an end-user initiates a search query - the WalkMe enterprise search starts a search flow that is being protected by a JWT assigned by WalkMe IdP integration, as part of the user signing flow:
The JWT is proxying the user identity and keeping any HTTPS request secured and individual.
All menu requests are protected by a JWT validation.
Integrations can be segmented to a sub-set of users and audiences, rather than being enabled for all end-users. This feature streamlines the integration process and helps to ensure that users are only using the integrations that are relevant to their work.
To segment a menu integration:
