diff --git a/manifest.json b/manifest.json
index 1630a42..f4987cd 100644
--- a/manifest.json
+++ b/manifest.json
@@ -19,7 +19,7 @@
         }
     ],
     "requirements": {
-        "yunohost": ">= 3.5"
+        "yunohost": ">= 3.8"
     },
     "multi_instance": true,
     "services": [
diff --git a/scripts/install b/scripts/install
index d5edfc8..6cedbbd 100644
--- a/scripts/install
+++ b/scripts/install
@@ -229,13 +229,13 @@ ynh_systemd_action --service_name=$app --action="start" --log_path="systemd" --l
 #=================================================
 ynh_print_info --message="Configuring SSOwat..."
 
+ynh_permission_update --permission="main" --auth_header=false
+
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
-	# unprotected_uris allows SSO credentials to be passed anyway.
-	ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
+	ynh_permission_update --permission="main" --add="visitors"
 fi
-ynh_app_setting_set --app=$app --key=noauth_uris --value="/"
 
 #=================================================
 # RELOAD NGINX
diff --git a/scripts/upgrade b/scripts/upgrade
index 21be7e3..6e38f61 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -238,13 +238,13 @@ chown -R "$app":"$app" "$datadir"
 #=================================================
 ynh_print_info --message="Upgrading SSOwat configuration..."
 
+ynh_permission_update --permission="main" --auth_header=false
+
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
-	# unprotected_uris allows SSO credentials to be passed anyway
-	ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
+	ynh_permission_update --permission="main" --add="visitors"
 fi
-ynh_app_setting_set --app=$app --key=noauth_uris --value="/"
 
 #=================================================
 # START SYSTEMD SERVICE