Get Started!

˂ Return to FAQ

How to Work with Anonymous Access or Guest Links in XTAM

Generating Anonymous Links within XTAM allows a user (“author”) to securely share messages or record details with others without requiring them to sign-in to XTAM making it possible to share information with guests. Anonymous Link URLs are generated with a unique, random 32 character ID string and can be opened by anyone who has the link until the link’s expiration policy has been met. Once this expiration policy is satisfied, the content of the Anonymous Link is permanently destroyed.

Anonymous Link URLs will be generated and accessed like below:

https://xtam.company.com/xtam/alink/519c43d4-715b-4fff-a583-3afa1d43296e

XTAM Anonymous Links provide the following benefits over traditional secret sharing through insecure channels like email or instant messaging applications:

  • Immediate, time and/or access based expiration policies available to the author.
  • Permanent destruction of message upon reaching its expiration policy.
  • Dynamic record details that provide up to date values on a read-only HTML page.
  • Audit events to track creation, access and expiration of anonymous links.

And of course, please keep these points in mind when determining whether or not to allow Anonymous Links within your XTAM deployment:

  • By its design, an Anonymous Links and its message content can be accessed and viewed by anyone who has the link. This means that the message author may intend to send it to only one specific recipient, but this recipient could then forward it along to others. Links are not assigned to specific users or groups as they are built to support guests (users without sign-in authentication).
  • Administrators cannot view, expire or delete any links or messages that have been sent. They can review the Audit Log to determine who generated the message, but they have no control over the link, its message or configuration once it is generated.
  • XTAM will need to be available to anyone who wishes to access an anonymous link. Please keep in mind any firewall restrictions or security considerations that may need to be made to allow for external access to XTAM. Although recipients are not required to login to XTAM, XTAM will still need to be externally accessible from the recipient’s location.
  • Since XTAM logins are not required, the Opened Anonymous Link audit event will attempt to capture the recipient’s IP Address only. If the recipient happens to be an XTAM user and is already authenticated in their browser, then it will also capture their username.
  • The content of the Anonymous Link will be destroyed and cannot be retrieved after its expiration. Afterwards, navigating to the link will cause an expiration error message.
  • Anonymous Links generated from XTAM records are used to share record details which will include sensitive information like passwords. Unlock audit events are generated when record links are opened, so Tasks may be triggered from these activities.

To Generate an Anonymous Link for XTAM Records

When generating an anonymous link for a specific XTAM record, a link will be generated that will contain the current text values of the record (current as of the time the link is opened) in HTML form; it will not be granting access to the record itself.

1

Login to XTAM as a user with Manager or Owner permissions to the record. Alternatively, global System Administrators can generate links as well.

Note: If the link author’s Record Control permission level is removed or reduced below Manager or they are blocked by an active workflow, then the contents of the record will not be displayed when the link is opened.

2

Open or view the record that you want to generate a link.

3

Click the Anonymous Link button ( XTAM Anonymous Links - Generate Record Link Button ).

Note, if this button is not present than you either do not have the required permission (Record Control: Manager or Owner), you are currently blocked by an active workflow or this feature has been disabled by the System Administrator.

4

In the Create Anonymous Link form, fill out all the required fields as desired:

  • Message: Enter a message that will be displayed in the body of the link when accessed. The message can be up to 1024 characters long.
  • Expiration in Minutes: Enter a numerical value defined in minutes for the amount of time that the message should be available. The expiration time begins when the link is generated, not when it is first accessed, if ever. The maximum allowed time is 4320 minutes (3 days).
  • Number of Times to Open: Enter a numerical value that defines the total number of times that the link can be accessed before it is expired. This value must be between 1 and a maximum open value of 5.
5

When the above values are entered, click the Generate button to generate your anonymous link URL.

XTAM Anonymous Links - Generate a Record Link

6

Copy the full URL from the read-only Link to Share field to send it to your recipient(s).

7

You may now click the Close button to exit the Create Anonymous Link form or adjust the values and click Generate again to generate a new link to share.

Once the URL is generated and displayed, the link is active. If you made a mistake, navigate to the Anonymous Links section of your XTAM Profile, select this link and click the Expire button. This action will immediately expire your link (destroying its content) so you can generate a new link.

To review the activity associated to your anonymous links, navigate to Management > My Profile > Anonymous Links. On this page, you will find all your non-expired links and their configuration. From here, you can confirm their expiration time, understand how many times it has been accessed, find the link’s unique URL or immediately expire any active link(s).

XTAM Anonymous Links - Manage Personal Links

Expired links are permanently destroyed and will not be visible.

 

XTAM Anonymous Links - Record Link Content

Anonymous Record Link Content including the Record’s Details

 

To Generate an Anonymous Link with a Generic Message

When generating an anonymous link with only a generic message (no association to a specific XTAM record), a link will be generated that will contain your generic message in HTML form; it will not be granting access or displaying any information related to an XTAM record.

1

Login to XTAM with any user. Generic anonymous links that have no association with any XTAM records can be created by any authenticated XTAM user.

2

Navigate to Management > My Profile > Anonymous Links and click the Create button.

Note: If the Anonymous Links section is not visible, then this feature has been disabled by your System Administrator.

3

In the Create Anonymous Link form, fill out all the required fields as desired:

  • Message: Enter a message that will be displayed in the body of the link when accessed. The message can be up to 1024 characters long.
  • Expiration in Minutes: Enter a numerical value defined in minutes for the amount of time that the message should be available. The expiration time begins when the link is generated, not when it is first accessed, if ever. The maximum allowed time is 4320 minutes (3 days).
  • Number of Times to Open: Enter a numerical value that defines the total number of times that the link can be accessed before it is expired. This value must be between 1 and a maximum open value of 5.
4

When the above values are entered, click the Generate button to generate your anonymous link URL.

XTAM Anonymous Links - Generate a Generic Message Link

5

Copy the full URL from the read-only Link to Share field to send it to your recipient(s).

6

You may now click the Close button to exit the Create Anonymous Link form or adjust the values and click Generate again to generate a new link to share.

Once the URL is generated and displayed, the link is active. If you made a mistake, navigate to the Anonymous Links section of your XTAM Profile, select this link and click the Expire button. This action will immediately expire your link (destroying its content) so you can generate a new link.

After each new link is generated, it will appear in the Anonymous Link table on this same page. On this page, you will find all your non-expired links and their configuration. From here, you can confirm their expiration time, understand how many times it has been accessed, find the link’s unique URL or immediately expire any active link(s).

XTAM Anonymous Links - Manage Personal Links

Expired links are permanently destroyed and will not be visible.

 

XTAM Anonymous Links - Generic Link Content

Anonymous Generic Link Content that only includes the Author’s Message

 

To Disable the Anonymous Link Feature

System Administrators can choose to enable or disable the use of Anonymous Links in XTAM. Please note that if the Anonymous Links feature is disabled, all currently active links will remain accessible until their expiration policy has been satisfied. Disabling anonymous link does not automatically expire active links.

1

Login to XTAM with a System Administrator account.

2

Navigate to Administration > Settings > Parameters and locate the Anonymous Links parameter.

3

Select one of the following values:

  • Enabled: Enables Anonymous Links to be generated from XTAM records and generic messages.
  • Generic: Enables Anonymous Links to be generated from generic messages. Disables the ability to generate Anonymous Links from XTAM records.
  • Disabled: Disables all Anonymous Link generation in XTAM.
4

Click the Save button to complete your configuration change.

 

How To Customize the Design of the Anonymous Link Content

The visualize design of the Anonymous Link content was meant to match the look of the XTAM system; however if you wish to make changes, this section will describe the process. You will need to make changes to the XTAM installation, so please work with your Administrators to gain access to the XTAM server with the required permissions. XTAM does not need to be offline nor does it require a restart in order to modify this layout. Future XTAM updates will not override any custom changes you make to the layout.

1

Login to the XTAM host server with an account that has permission to modify the $XTAM_HOME directory. You will be copying and modifying one (1) .css file.

2

Navigate to $XTAM_HOME/web/webapps/xtam/templates and copy the file anonymousLink.css.

3

Paste this anonymousLink.css file to $XTAM_HOME/content/templates. If the /templates directory does not exist, please create it first and then paste the file into this location.

4

Customize anonymousLink.css file as desired (it is a standard web style sheet) and save the file when complete. Consult with your Web Designer for assistance when working with the .css file.

5

Open (or refresh) any valid Anonymous Link URL to review your changes.

 

Expired or Restricted Link Content Examples

These messages will appear if the content in the link cannot be displayed. Note that the actual text displayed for each of these conditions can be modified by updating the anonymousLink.css file as described in the prior section of this article.

When a link expires, this message will appear when it is opened.

XTAM Anonymous Links - Content Blocked due to Expired Link

When a link’s author no longer has permission to access the record from which the link was generated, this message will appear when it is opened.

XTAM Anonymous Links - Content Blocked by Restricted Permissions

When a link’s author is blocked by a workflow, this message will appear when it is opened.

XTAM Anonymous Links - Content Blocked by Workflow

 
 

Copyright © 2019 Xton Technologies, LLC. All rights reserved.