Hotlinks are a form of hyperlink within Agiloft that allow external users to access the system or a specific record by clicking a link. Hotlinks can execute complex functions, such as logging in to a specific table, running a saved search, and more. You can embed hotlinks in emails from within Agiloft and have them generated at runtime, or you can generate them manually and use the links outside of Agiloft. To ensure hotlinks are secure, use encryption and user authentication, which are important security features. This page focuses on these security features, but for information on how you can create hotlinks, see Hyperlinks.

User Authentication

System-generated hotlinks are automatically encrypted, so it is not possible to use them to obtain user login details, but it can still be important to require user authentication. If a malicious user has access to the encrypted link, they could still access the system and edit or view a record. There are two recommended levels of protection against this possibility, which involve variations of user authentication.

To configure either of these two levels of protection, go to Setup >  Access > Configure Hotlinks:

Manually Encrypted Hotlinks

You can create hotlinks manually for use in action buttons or outside the system, but they are not automatically encrypted. Instead, manually created hotlinks must also be manually encrypted. We highly recommend encrypting any hotlinks you create; otherwise, the username and password that the hotlink uses will be visible within the link itself.

Follow these steps to manually encrypt a hotlink:

  1. Go to Setup > Access > Automatic Login Hotlinks.
  2. Select any groups to exclude from using the hotlink.
  3. Enter the hotlink in the Encrypt Hotlink box.
  4. Select an expiration time for the hotlink, after which the hotlink will no longer work.
  5. Click Encrypt. The newly encrypted hotlink then appears in the Encrypted Hotlink box. You can copy and paste the link as needed.

Imagine you enter the following hotlink:

http://localhost:8080/gui2/login.jsp?keyID=0&KB=TESTKB&user=admin&passwd=testpassword&state=Main

In this example, you can clearly derive the username and password from the link. After clicking Encrypt, the system encrypts the sensitive portions of the link and generates an output like the following:

http://localhost:8080/gui2/login.jsp?p=a&genhotlink=Aj3ze1x9W5xwlXRB/MPL8VHo+m72uHf350nT13m+vhPCU41hVmkMfVVj/YGTEbLYYfHpv6Y


Related articles