Hello All,
We are working on a project where in we are sending a link into an email. That link consists of a URL of web api that has been built inside appian.
This works fine when user who clicked on a link is already logged into appian or have SAML enabled account but for other users it gives 401 error.
I need to send API key in order to get it resolved but I don't know how. The link has been created inside an HTML template.
I'm not sure how exactly we can pass the API key via html <a href> tag. Can someone please provide some kind of example here that can benefit me?
Thanks in advance
Discussion posts and replies are publicly visible
Simple answer. Do not do that !!!
This would give valid credentials to any system between you and your recipient. Email is not secure in any way and can be read by anyone.
What do you want to achieve?
I do not recommend this practice, because you'll expose your application to security risks.
If you want to do something like this, i suggest to create an task called by a link to an task that permitt to complete the request.
We are building a project where we are sending an email to our external clients. The purpose of this functionality is to enable them to make changes to their product directly from email. So we have decided to give them a button in an email, on the click of which our web api will get called and perform the actions that are desired. These emails are sent as a remainder every week and so we don't want them to open appian url,login into the system and perform actions, instead they can do their operations with a single click inside an email.
I also tried making a post request from html code(in order to hide security informations) but that doesn't seems to be working. Can you suggest something inline to this requirement that can help us get this working. May be in a different way?
Can you elaborate some more? I didn't actually get your point. You mean to create a task in appian and call that task on the link click?
Sorry to say, but this will not work. You can not do a POST from a link in an email.
Four options:
- Make externals Appian users and create a nice UI for them to do their job
- Create a separate portal for external users and do things over there
- Wait for Appian portal to become available, currently in beta, and do it this way
- Create a web API external to Appian, register an awaited call-back from emails using a random string as an identifier. This link must be unique, personal, random and not expose any data or credentials. Then this API could forward that call as a POST to Appian.
Appian portal is an interesting way, can you give a link to documentation about this?
No, this is in beta and will be published in a future version. Depending on your project timeline that might be an option.
in according to Stefan, you have those options, cited.
an link to preview of the new functionality?
You will need to contact your Appian key accounter for more info.