Configure public submissions via External Portal
To start accepting public submissions via the public Whistle Willow site (Whistle Willow - modern whistleblowing platforms), a Whistle Willow administrator needs to enable them and trigger the generation of the encryption keys.
This is a very simple automated procedure that creates a unique pair of keys for your organization - public and private, that are used to secure whistleblowing tip submissions. The generation and configuration of underlying cryptographic algorithms are done automatically. Each tip is encrypted with your organization’s public key - and can only be read using the private key, which never ever leaves secure storage in Jira or Confluence.
By default, Whistle Willow creates two unique public submission portals - one for the EU, one for the US, to support regulations. Your organization can choose to use both or either of them. The data and runtime of these portals are hosted in their respective region.
You can share the links to public portal on your website, under Trust and Security page, or a dedicated Whistleblowing instructions page.
To enable public submissions
Navigate to Whistle Willow app as admin
Open the “Program Settings” tab
Switch the toggle “Enable public submissions” to the enabled state:
Click “Save submission settings”
Reload the app
A new section will appear - click “Generate / Regenerate keys”
That’s it! Your public submission pages are good to go! You can also customize them or even embed as <iframe>.