diff --git a/manifest.json b/manifest.json
index 8c77293..4c6aca3 100644
--- a/manifest.json
+++ b/manifest.json
@@ -13,7 +13,7 @@
         "name": "yalh76"
     },
     "requirements": {
-        "yunohost": ">= 3.5"
+        "yunohost": ">= 3.8"
     },
     "multi_instance": true,
     "services": [
diff --git a/scripts/install b/scripts/install
index f30e1c9..0c1e105 100644
--- a/scripts/install
+++ b/scripts/install
@@ -219,13 +219,13 @@ ynh_add_fail2ban_config --logpath="/var/log/$app/$app.log" --failregex="^.*Usern
 #=================================================
 ynh_print_info --message="Configuring SSOwat..."
 
+ynh_permission_update --permission="main" --auth_header=false
+
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
-	# unprotected_uris allows SSO credentials to be passed anyway.
-	ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
+	ynh_permission_update --permission="main" --add="visitors"
 fi
-ynh_app_setting_set --app=$app --key=noauth_uris --value="/"
 
 #=================================================
 # RELOAD NGINX
diff --git a/scripts/upgrade b/scripts/upgrade
index f8ebdef..aad1a3c 100644
--- a/scripts/upgrade
+++ b/scripts/upgrade
@@ -214,13 +214,13 @@ chown -R "$app":"$app" /var/log/"$app"
 #=================================================
 ynh_print_info --message="Upgrading SSOwat configuration..."
 
+ynh_permission_update --permission="main" --auth_header=false
+
 # Make app public if necessary
 if [ $is_public -eq 1 ]
 then
-	# unprotected_uris allows SSO credentials to be passed anyway
-	ynh_app_setting_set --app=$app --key=unprotected_uris --value="/"
+	ynh_permission_update --permission="main" --add="visitors"
 fi
-ynh_app_setting_set --app=$app --key=noauth_uris --value="/"
 
 #=================================================
 # START SYSTEMD SERVICE