AWS Security ChangesHomeSearch

AWS connect documentation change

Service: connect · 2025-07-01 · Documentation medium

File: connect/latest/adminguide/3p-apps-events-requests.md

Summary

Restructured permissions section to emphasize explicit grants for third-party apps

Security assessment

Improves clarity on security best practices for third-party app permissions. No evidence of addressing a specific security vulnerability.

Diff

diff --git a/connect/latest/adminguide/3p-apps-events-requests.md b/connect/latest/adminguide/3p-apps-events-requests.md
index 333ed0e75..8b03cd0de 100644
--- a//connect/latest/adminguide/3p-apps-events-requests.md
+++ b//connect/latest/adminguide/3p-apps-events-requests.md
@@ -5,2 +4,0 @@
-App permissions
-
@@ -9 +7 @@ App permissions
-## App permissions
+This topic lists the permissions you must explicitly give to third party applications to access Amazon Connect data.
@@ -13 +11,5 @@ App permissions
-If you are a developer, review how to create applications that react to events [here](https://docs.aws.amazon.com/agentworkspace/latest/devguide/integrate-with-agent-data.html).
+If you are a developer, review how to create applications that react to events: [Integrate application with Amazon Connect Agent Workspace agent data](https://docs.aws.amazon.com/agentworkspace/latest/devguide/integrate-with-agent-data.html).
+
+When you onboard third-party applications by using the API or the onboarding UI in the AWS Management Console, you must explicitly give third-party applications permissions to Amazon Connect data. You can also edit the permissions on an existing app.
+
+To understand the effects of assigning a particular permission, review the following permissions, description, and corresponding requests and events. 
@@ -15 +17 @@ If you are a developer, review how to create applications that react to events [
-When you onboard the applications by using the API or the onboarding UI in the AWS Console, you must explicitly give third-party applications permissions to Amazon Connect data. You can also edit the permissions on an existing app.
+For example, if you assign the permission `User.Details.View` to the application, then it will have the ability to make the following requests: `agent.getName` and `agent.getARN`. If your app attempts to subscribe to an event or make a request for data that it does not have permission for, your app may not function as intended. 
@@ -17 +19 @@ When you onboard the applications by using the API or the onboarding UI in the A
-To understand the effects of assigning a particular permission, please review the below permissions, description, and corresponding requests and events. As an example: If you assign the permission `User.Details.View` to the application, then it will have the ability to make the following requests: `agent.getName` and `agent.getARN`. If your app attempts to subscribe to an event or make a request for data that it does not have permission for, your app may not function as intended. To learn more about each request and event, see the [API Reference](https://docs.aws.amazon.com/agentworkspace/latest/devguide/api-reference-3p-apps-events-and-requests.html.html).
+To learn more about each request and event, see the [API Reference](https://docs.aws.amazon.com/agentworkspace/latest/devguide/api-reference-3p-apps-events-and-requests.html.html).