The JavaScript Injection feature lets customers add their own code within the Hosted Login integration pattern. Although Hosted Login already allows customization in terms of appearance and style, this feature enables customers to further change the user experience, beyond the core functionality. Possible customizations include options to show or hide passwords, a password strength meter, and auto-population of fields based on user input. Due to the highly flexible nature of JavaScript, the use of this feature by customers is subject to the following limitations.

Limitation one: Approval from Akamai

Customers must formally request approval from Akamai to use JavaScript Injection. The request should include a detailed description of the business use case and how JavaScript will support it. For example, a use case may involve "providing a visual indicator of password strength to promote stronger password choices," while the intended use might entail "employing JavaScript to assess the password field and present a visual gauge indicating password strength based on certain criteria." Customers submit their approval requests to Akamai's account management or professional services. If the product team approves the request, Akamai provides instructions on how to incorporate JavaScript into the Hosted Login site.

If a customer uses the JavaScript Injection feature without prior approval, Akamai will request that the customer undergo the approval process. If the use case isn’t approved, Akamai will require the removal of the JavaScript code from all production instances of Hosted Login within a reasonable timeframe. Should an unapproved use case directly cause an incident or issue, Akamai won't take any remedial actions. Instead, the customer will modify the JavaScript code to resolve the issue.

Limitation two: Risks associated with JavaScript Injection

The customer assumes all risks associated with JavaScript Injection. Akamai doesn’t review, test, or provide suggestions regarding JavaScript code authored by customers. Akamai reserves the right to introduce modifications to the Hosted Login service that may affect the functionality of any injected JavaScript code. For instance, Akamai may deprecate an event that is presently part of the Hosted Login user authentication flow. If a customer's JavaScript code relies on this deprecated event, it will impact the user experience. Impacts of this nature occur in the browser and aren't detectable by Akamai’s platform monitoring.

Furthermore, Akamai retains the right to implement such changes without prior notice. In the event that Akamai changes its Hosted Login service and user experience impacts occur, Akamai will not consider them service incidents concerning our platform. Instead, the customer will be advised to update their JavaScript code to accommodate the change. Any other risk associated with injected JavaScript code is likewise assumed by the customer and not Akamai.