Hi,
We have a request to ensure that a portal link cannot be reused and that it cannot be accessed outside of the site that embedds the portal links. The client is concerned that the URL will be exposed and that a nefarious actor could use the URL to create cases using the same portal link.
From my research I found that we can use a Web API can expose an encrypted URL using a!urlForPortal (source: https://docs.appian.com/suite/help/24.1/url-parameters.html#linking-from-an-external-website), but the client says this won't solve the problem because a person could still grab the encrypted URL and reuse it.
I realize portals are for anonymous users, but the client is asking about this regardless.
Any suggestions would be helpful.
Discussion posts and replies are publicly visible
Then you need to make sure that this link can only be used once. Encrypted URL parameters are the way to go. For generated links, you will have to track usage in the database.
This is accurate. To add onto it: there is no method for making sure a portal URL, once generated, can only be used from within a specific website. However, if you generate using encrypted URLs and add the app behavior Stefan is suggesting to prevent using a URL twice, you'll have effectively achieved what you want.