Hotlinks are a form of hyperlink within Agiloft that allow external users to access the system or a specific record by clicking a link. Hotlinks can execute complex functions, such as logging in to a specific table, running a saved search, and more. You can embed hotlinks in emails from within Agiloft and have them generated at runtime, or you can generate them manually and use the links outside of Agiloft. To ensure hotlinks are secure, use encryption and user authentication, which are important security features. This page focuses on these security features, but for information on how you can create hotlinks, see Hyperlinks.
System-generated hotlinks are automatically encrypted, so it is not possible to use them to obtain user login details, but it can still be important to require user authentication. If a malicious user has access to the encrypted link, they could still access the system and edit or view a record. There are two recommended levels of protection against this possibility, which involve variations of user authentication.
To configure either of these two levels of protection, go to Setup > Access > Configure Hotlinks:
You can create hotlinks manually for use in action buttons or outside the system, but they are not automatically encrypted. Instead, manually created hotlinks must also be manually encrypted. We highly recommend encrypting any hotlinks you create; otherwise, the username and password that the hotlink uses will be visible within the link itself.
Follow these steps to manually encrypt a hotlink:
Imagine you enter the following hotlink:
In this example, you can clearly derive the username and password from the link. After clicking Encrypt, the system encrypts the sensitive portions of the link and generates an output like the following: