...
This is a very simple automated procedure that creates a unique pair of keys for your organization - public and private, that are used to secure whistleblowing tip submissions. The generation and configuration of underlying cryptographic algorithms are done automatically. Each tip is encrypted with your organization’s public key - and can only be read using the private key, which never ever leaves secure storage in Jira or Confluence.
Once the keys are in place, a public submissions PIN is generated - it is a long string that uniquely identifies your organization on the public submissions form. This PIN needs to be specified alongside the report when submitting a public tip - so that it could be routed to your organization Jira or Confluence later on.
The PIN can and should be shared with the public - there is no need or requirement to protect it. You can share it By default, Whistle Willow creates two unique public submission portals - one for the EU, one for the US, to support regulations. Your organization can choose to use both or either of them. The data and runtime of these portals are hosted in their respective region.
You can share the links to public portal on your website, under Trust and Security page, or a dedicated Whistleblowing instructions page.
...
Navigate to Whistle Willow app as admin
Open the “Program Settings” tab
Switch the toggle “Enable public submissions” to the enabled state:
Click “Save submission settings”
Reload the app
A new section will appear - click “Generate / Regenerate keys and PIN”keys”
...
That’s it! Your public submission pages are good to go! You can also customize them or even embed as <iframe>.