# Configuring web applications Once you select the **Web** application type on the [application configuration](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications/..#managingapplications-configuringapplications) page, a **Web Configuration** section appears with several tabs containing various configuration options:
## Configuring general settings for web applications From the [application configuration](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications) page of the selected web application, under the **Application Settings** > **General** tab: {% stepper %} {% step %} Optionally, [import a matching application default configuration](#configuringwebapplications-understandingurlpatterns-1) to use as a template. This feature requires Nexthink Adopt. {% endstep %} {% step %} Define [URL patterns](#configuringwebapplications-understandingurlpatterns-2). {% endstep %} {% step %} Optionally, [enable the Digital adoption](https://docs.nexthink.com/platform/adopt/getting-started-with-adopt/deploying-a-guide-end-to-end-procedure#step-1-create-and-set-up-a-guide-in-nexthink) toggle button to configure and deploy in-app guides. This feature requires Nexthink Adopt. {% endstep %} {% step %} Confirm or disable the [Collect URLs](#configuringwebapplications-collectingurls) option. {% endstep %} {% step %} Confirm or disable [Soft navigations](#configuringwebapplications-activatingsoftnavigations). {% endstep %} {% step %} Connect to an [existing campaign](#configuringwebapplications-connectingwithexistingcampaigns). {% endstep %} {% endstepper %} Devel into each step below. {% hint style="info" %} After configuring the fields in the **General** tab described on this page, you can set up the remaining configuration tabs for the specific web application: * [Key pages](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications/configuring-web-applications/key-pages) * [Transactions](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications/configuring-web-applications/transactions) * [Licenses](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications/configuring-web-applications/application-licenses) * [Thresholds](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications/configuring-web-applications/thresholds) {% endhint %} *** ### Importing built-in default configurations as templates—optional {% hint style="info" %} Importing built-in default configurations for web applications requires [Nexthink Adopt](https://docs.nexthink.com/platform/user-guide/adopt). This feature is different from applications installed from Nexthink Library. {% endhint %}
Built-in application templates versus applications installed from Nexthink Library Key differences when using a default application template versus an application installed from Nexthink Library: * After importing and implementing the selected configuration template, you cannot edit or drop these default settings. * Modifications from Nexthink to built-in default configurations impact all applications using these imported settings—even after saving the web application configuration.
Nexthink allows importing default web application configurations with predefined key pages and **CSS selectors**—necessary for correctly displaying Adopt in-app guides. Refer to [#using-selectors-from-application-templates](https://docs.nexthink.com/platform/adopt/guide-creation-and-management-from-nexthink-applications/configuring-adoption-settings#using-selectors-from-application-templates "mention") for more information. The web application configuration does not display key pages from the application templates. Still, these application-template key pages are available when configuring guide-related conditions and Adopt Editor settings. To import default application templates, from the **Application configuration** page of the selected web application: 1. Open the **Applications settings** > **General** tab. 2. Select the built-in application configuration template from the dropdown under **Configuration mode.** {% hint style="warning" %} Export your current application configuration before selecting built-in template configurations, as choosing built-in defaults is irreversible. Built-in default configurations are only available for a specific set of applications. Predefined selectors are only available for selected applications. Refer to [#supported-templates](https://docs.nexthink.com/platform/adopt/guide-creation-and-management-from-nexthink-applications/configuring-adoption-settings#supported-templates "mention") for the list of supported applications. {% endhint %}
*** ### Adding URL patterns Add URL patterns of your web application you wish to monitor. Consider the following: * The URL match patterns have the following structure: `://` * The URL match patterns can contain wildcards, but a port number cannot be specified. * The system forces the use of a wildcard for the scheme `*://`, so it always matches both HTTP and HTTPS. * Users administrating business applications, view and enter URL patterns with a simplified structure:`` * Internally, all the software components must handle the full URL match patterns, including the scheme: `://`
About Nexthink URL pattern validation logic {% hint style="info" %} Jump to the [#configuringwebapplications-collectingurls](#configuringwebapplications-collectingurls "mention") section to continue with the web application configuration—that is, the remaining fields under the **General** tab. {% endhint %} Nexthink Applications uses the following set of rules to verify the pattern before saving it: 1. The user must enter at least one URL match pattern. 2. Today, specifying a scheme like `http://` or `https://` is not supported, it must be `*://` 3. If the user does not specify `*://` the form automatically adds the `*://` prefix. 4. If the user enters a URL with a port number, the form displays an error message. 5. The host component can start with `*.` followed by part of the fully qualified domain name (FQDN). Note that this pattern also matches a hostname that is exactly the expression entered after the `*.` wildcard. 6. The host component must end with a complete and valid domain name if it starts with a `*.` wildcard. 7. The host component can just contain a local hostname (for example, no domain name) if it does not start with a `*.` wildcard. This is to support internal web applications that do not use FQDN. 8. You must specify the path with at least `/*`. If the user does not enter a path, the form logic appends `/*` to match all paths. 9. The path must end with a `*` wildcard. If the path does not, the form logic appends `*` to the pattern. 10. The path cannot contain more than one `*` wildcard. 11. The pattern must not contain a query string `(?...)`. If the user enters a URL with a query string, an error message appears. 12. The pattern must not contain a fragment `(#...)`. If the user enters a URL with a fragment, an error message appears. 13. Validation logic prevents patterns that intersect each other across all the applications. 14. The entire match pattern must validate as a standard URL after adding an `http://` prefix and replacing all wildcards with arbitrary words. For example, if the user enters the pattern `*.example.com/foo/*` the expanded form `http://www.example.com/foo/bar` can be easily validated using a standard URL validation library. 15. Entering only a domain name for a host part like example.com is valid. It will not match, however, the URL name with a hostname like `www.example.com.` 16. The form logic auto-corrects the pattern entered by the user, it does this immediately after the textbox loses focus, and the user interface allows the user to see the change before the form is submitted. 17. A pattern intersects another pattern if at least one URL that is matched by both patterns exists. Explicitly, patterns  A1  and  B1  intersect if all of the following conditions are true: * After trimming the eventual wildcard from the beginning of the host parts, `A1.host` ends with `B1.host` or `B1.host` ends with `A1.host`. * After trimming the wildcard from the end of the path, `A1.path` starts with `B1.path` or `B1.path` starts with `A1.path`.
Find below examples of URL patterns:
Examples of valid patterns The URL pattern examples below are valid for web applications: * `www.example.com/*` matches all URLs that start with `http://www.example.com/` or `https://www.example.com/`. * `*.example.com/*` matches `example.com`, `www.example.com`, `intra.example.com`, `support.intra.example.com`, … * `*.intra.example.com/*` matches `intra.example.com`, `support.intra.example.com`, ... * `example.com/*` matches only `*://example.com/*`. * `www.example.com/foo/*` matches all URLs that start with `*://www.example.com/foo/`. * `myintranet/*` is a valid pattern for an internal application. * `www.example.com/foo/*` is an existing app match pattern. In this case, the following patterns can be used for any of the applications: * `*.example.com/bar/*` * `www.example.com/foobar/*` * `*.another-example.com/foo/*` * `test.example.com/foo/*`
Examples of invalid patterns The URL pattern examples below are invalid for web applications: * `www.example.*/*` * `https://*.example.com/*`  because of the scheme * `www.*.com/*` * `www.*.example.com/*` * `www.example.com/foo?bar` because query string components are not supported * `*/*` * `www.example.com/foo#bar` because hash components are not supported in the application URL * `*.example:1234.com/*` because of the port (use `*.example.com/*` instead, all ports are supported) * `*.example.com/#foo` * `*example.com/*` because there is no dot following the star in the host component * `www.example.com/foo/*/bar/*` only one wildcard is allowed in the path * `*.customer.*.example.com/*` only one wildcard is allowed in the host part * `www.example.com/foo*` is an existing app match pattern. In this case, you cannot use the following intersecting patterns for any of the applications: * `*.example.com/foo/*` * `www.example.com/foobar/*` * `www.example.com/fo*` * `www.example.com/foo/bar/*`
Examples of auto-corrected patterns * `www.example.com` changes to `*://www.example.com/*` * `www.example.com/` changes to `*://www.example.com/*` * `www.example.com/foo/` changes to `*://www.example.com/foo/*` * `www.example.com/foo` changes to `*://www.example.com/foo/*` * `example.com` changes to `*://example.com/*` * `*.example.com` changes to `*://*.example.com/*`
URL patterns use case for non-standard ports Access the corporate document management system using the following URL: `https://prod.doxydoc.local:32890/start.php` During the business application configuration, you must use the following pattern: `*://prod.doxydoc.local/start.php*`
*** ### Collecting URLs {% hint style="warning" %} The **Collect URLs** option is enabled by default, facilitating the configuration of application [key pages](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications/configuring-web-applications/key-pages). {% endhint %} When deciding to whether collect URLs or not, consider the following: * Enabling **Collect URLs** enables Nexthink users accounts with appropriate permissions to view the individual URLs that employees visit. * Disabling **Collect URLs** prevents the system from collecting any URLs at the extension level. * The system renders a truncated URL to preserve data privacy using a [sanitizer](#about-nexthink-urls-sanitization).
About Nexthink URLs sanitization {% hint style="info" %} Jump to the[#configuringwebapplications-activatingsoftnavigations](#configuringwebapplications-activatingsoftnavigations "mention") section to continue with the web application configuration—that is, the remaining fields under the **General** tab. {% endhint %} Whenever possible, Nexthink sanitizes all collected Uniform Resource Locators (URLs) to conceal sensitive information. This is done in an attempt to remove personal data, potential configuration secrets and certain query string patterns. Remember, a URL is a string that serves as a unique identifier for a web resource, consisting of four primary components: * The **origin** includes the protocol ( `http` or `https`), the hostname ( `http://nexthink.com` ) and the port number (`80` or `443`), for example, `https://nexthink.com:443`. * The **pathname** specifies the exact location of the resource on the server, for example `/company/about-us`. * The **hash** is an optional component of the URL that stores information for the browser, such as the current state of the web page or user preferences. It also begins with a hash (`#`) and is followed by a string, for example, in the URL `confluence.nexthink.com/pages/urlsanitisaation#url-sanitisation-rules`, the hash segment is `#url-sanitisation-rules`. * The **query parameters** are optional pairs of keys and values that provide additional information to the server. They start with a question mark (`?`) and are separated by ampersands (`&`), for example, `?projectKey=DCBSM&view=detail`. The query parameters are systematically sanitized. The system replaces each key-value pair with `[key]`, for example: * `https://confluence.intra.nexthink.com/pages/viewrecentblogposts.action?key=AppExEP` sanitized with `[key]`:\ `https://confluence.intra.nexthink.com/pages/viewrecentblogposts.action?[key]` **URL sanitization mechanism** The URL sanitization mechanism is intended to strip sensitive information from URLs before transmitting them to the server by: 1. Initially removing all query parameters, such as `?key1=value1&key2=value2`, retaining only the keys enclosed in square brackets, like `?[key1]&[key2]`. 2. Replacing any other anchors in the hash segment with the code `[anchor]`. 3. Undergoing further URL sanitization based on specific patterns as described below. 4. Finally, truncating any excessive parts of the URL. Remember that this process ensures that sensitive data is not inadvertently exposed in URLs. **Pattern matches and tag replacements** Examples of general codes the system uses to sanitize an application’s URL: | \[code] | Description | | ------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | \[uuid] | Universally Unique Identifier (UUID) (`3c9dee20-52e9-4ff7-b2ee-e672342bce56` ) | | \[id] | ID number: sequence of alphanumeric numbers staring with `/` and ending with either `/` or `?`. Non- numeric characters must be one of the following `.`, `,`, `_`, `\`, `-`. Other characters must be numeric. | | \[json] | `{"?????????"}` formatted sequence where `?????????` may contain any word, digit or any of the following characters `%`, `\\`, `\`, `.`, `,`, `:`,`_` ,`-` | | \[gib] | Identification number, for example: the email ID which comes after the identification number: `http://outlook.office.com/mail/inbox/id/` in MS Outlook. | | \[hex] | Hexadecimal value: sequence of at least 33 consecutive alphanumeric values in hexadecimal range: a-f and 0-9. | | \[int] | Integer value: sequence of at least 4 consecutive digits. | These patterns are specified globally for all applications. If any part of the **Sanitized URL** matches any of the patterns, it will be replaced by the corresponding tag. **Examples:** * `https://community.nexthink.com/s/profile/0052p00000BURowAAH` sanitized with `[hex]`:\ `https://community.nexthink.com/s/profile/[hex]` * `https://outlook.office.com/mail/inbox/id/AAQkAGJhYmFkMTUxLTQ5NzgtNDNlZi1iZDkzLTQ2YzEwNDIwYzA0YgAQAKafeoP2TMVDozSlcBq2JGU%3D` sanitized with `[gib]`:\ `https://outlook.office.com/mail/inbox/id/[gib]`
Nexthink URL sanitization summary {% hint style="info" %} Jump to the[#configuringwebapplications-activatingsoftnavigations](#configuringwebapplications-activatingsoftnavigations "mention") section to continue with the web application configuration—that is, the remaining fields under the **General** tab. {% endhint %} The following table summarizes the Nexthink process for sanitizing URLs: | Sanitization Step | Description | Example URL | Sanitized URL | | -------------------------------- | ----------------------------------------------------------------- | ---------------------------------------------------------------- | --------------------------------------------- | | Sanitization of query parameters | The key-value pairs are replaced by keys | `https://nexthink.com?key1=value1&key2=value2` | `https://nexthink.com?[key1]&[key2]` | | Sanitization of hash segment | The anchor hash segment and the query hash segment are obfuscated | `https://nexthink.com#?name=John#custom-anchor` | `https://nexthink.com#?[name]#[anchor]` | | Sanitization of URL tokens | The URL is sanitized using pattern matches and tag replacements | `https://nexthink.com/2024/2fff5c59-18ba-44d3-bd95-4bee056f68ca` | `https://nexthink.com/[int]/[uuid]` | | URL truncation | The URL is truncated if it exceeds the maximum length | `https://nexthink.com/custom-path/very/very/long/url` | `https://nexthink.com/custom-path/very/ve...` |
{% hint style="info" %} There is a maximum acceptable length for the **Sanitized URL**. If the Sanitized URL exceeds the limit, Nexthink removes the excess and adds an ellipsis (`...`) to show that some of the URL is missing. {% endhint %}
Collecting URL in Applications
*** ### Activating Soft navigations {% hint style="warning" %} The **Activate soft navigations measurements** option is enabled by default. Disable this option for web applications with unstable pages—resulting in extended page load times. {% endhint %} Soft navigations enable measuring the speed of asynchronous page loads where the browser does not load a new page. They are very common in single-page applications (SPA). Soft navigations measure the time it takes a page to stabilize. *** ### Connecting with existing campaigns Nexthink Applications makes it possible to connect with existing [campaigns](https://docs.nexthink.com/platform/user-guide/campaigns). To make the connection: 1. Pick the unique identifier (UID) from the target campaign and paste it into the **Engage campaign UID** field. * An Engage campaign license is required. 2. Alternatively, you can access the UID value by navigating to **Campaigns** using the Nexthink main menu and selecting the campaign you wish to connect to from the list. Locate the campaign's UID as part of the URL. Once the campaign is linked to the application, the **Sentiment** tab on the specific applications page becomes visible. You must have the proper permissions to access it. By clicking on the **Sentiment** tab you can open the relevant Campaigns dashboard in a new tab. *** RELATED TASKS After configuring the fields in the **General** tab described on this page, you can set up the remaining configuration tabs for the web application: * [Key pages](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications/configuring-web-applications/key-pages) * [Transactions](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications/configuring-web-applications/transactions) * [Application licenses](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications/configuring-web-applications/application-licenses) * [Thresholds](https://docs.nexthink.com/platform/user-guide/applications/configuring-applications/configuring-web-applications/thresholds) RELATED TRAINING * [How to configure the Applications module](https://learn.nexthink.com/courses/how-to-configure-applications-module)