Page tree

Hotlinks

Hotlinks in Agiloft are encrypted hyperlinks that allow users to access the system or a specific record by clicking a link. Hotlinks can execute complex functions, such as logging in to a specific table, running a saved search, and more. You can embed hotlinks in emails from within Agiloft and have them generated at runtime, or you can generate them manually and use the links outside of Agiloft. To ensure links are secure, always use encryption and user authentication. This page focuses on these security features, but for information on how you can construct the links you want to encrypt, see Hyperlinks.

System-generated hotlinks are automatically encrypted, and users must provide login and password authentication as well for optimal security. The authentication page includes a link for users to reset their passwords if necessary. Note that this link does not work if the user's group has Allow Sending Password? set to No.

You can create hotlinks manually for use in action buttons or outside the system, but they are not automatically encrypted. Instead, links that you create manually must also be encrypted manually. We highly recommend encrypting any of these links you create; otherwise, all the system information you include in the hyperlink construction will remain visible in the text of the link.

After you create hyperlinks, follow these steps to manually encrypt them:

  1. Go to Setup > Access > Automatic Login Hotlinks.
  2. Select any groups to exclude from using the hotlink.
  3. Enter the hotlink in the Encrypt Hotlink box.
  4. Select an expiration time for the hotlink, after which the hotlink will no longer work.
  5. Click Encrypt. The newly encrypted hotlink then appears in the Encrypted Hotlink box. You can copy and paste the link as needed.

Example

Imagine you enter the following hotlink:

http://localhost:8080/gui2/login.jsp?keyID=0&KB=TESTKB&user=admin&passwd=testpassword&state=Main

In this example, you can clearly derive the username "admin" and password "testpassword" from the link. After clicking Encrypt, the system encrypts the sensitive portions of the link and generates an output like the following:

http://localhost:8080/gui2/login.jsp?p=a&genhotlink=Aj3ze1x9W5xwlXRB/MPL8VHo+m72uHf350nT13m+vhPCU41hVmkMfVVj/YGTEbLYYfHpv6Y