Contact usRequest a demo

SecureFlow Manager usage

The SecureFlow Manager (SFM) is the component in an Unblu integrated system that’s responsible for the snippet injection and for forwarding webpage resources such as images and CSS files to the Collaboration Server so that they can be transmitted to the agent’s browser. Custom filters may, in addition, be responsible for proxying certain browser requests to the server.

The SFM is the link between the Collaboration Server and the customer’s website (web or application server). Depending on the deployment scenario, the SFM might be part of (or even implement) a reverse proxy, fully integrated in the client’s web or application server or integrated into the customer’s website (client-side filter).


The SFM’s main responsibility is to decide when to inject which Unblu JavaScript files and to only do this when a co-browsing session is about to be started or has been started. This is of essential importance since co-browsing is typically only required for a fraction of website visitors. The SFM therefore assures that the Collaboration Server infrastructure requirements can remain much lower than the website infrastructure requirements. For example, a website delivering 1,000,000 website visits per month may require multiple servers to bear the load, but still only need one Collaboration Server to provide 3,000 co-browsing sessions.

The decision on when to inject what is rule-based. The rules are the main configuration element of the SFM. They must stay in sync with the server settings. The Collaboration Server provides a JSON-based configuration, including rules and injection advice for the SFM.

Forward webpage resources

Another responsibility of the SFM is to catch resources as they fly by and send them to the Collaboration Server in case a co-browsing session is active. This is only required for setups that depend on webpage resources delivered by the server. The process of uploading webpage resources is called "add-to-cache" in the server.

Similar to injections, add-to-cache operations are rule-based. Again, the corresponding rules can (and should) be retrieved from the Collaboration Server and must stay in sync with it over time.

Unlike with injection, the provided filters don’t provide uploading functionality out-of-the-box. Instead, they provide a means to determine when uploading is required.


Usually, proxying is the responsibility of the reverse proxy the SFM is running or integrated with. Some setups have no proxies in their existing network topology and introducing one only for the purpose of enabling co-browsing may be too expensive or for other reasons not feasible. In such cases, it may be an option to implement simple proxying yourself.

SFM configuration

The SFM uses a JSON-based configuration file. You can retrieve it from the Collaboration Server at the URL http://<unbluserver>/<system>/rest/filterBackend?x-unblu-interface-version=2&x-unblu-apikey=<api-key>&x-unblu-action=read-configuration.

Available SFM implementations

Unblu provides out-of-the-box SFM implementations for the following reverse proxy products: