- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-03-2023 10:07 AM
Hello Guys,
We have a portal and some external users (customers) have access to it. We provide reports, Case details and more options there.
The major issue is that whenever they receive an email with an update or want to go into the portal by clicking the link on the email sent they need to first LOG IN and most of the times they dont know their passwords or dont want to bother logging in.
Is there any way we can set the link sent on the emails with an "auto-authentication" in which the users clicks and its redirected to portal page already logged in based on his email ?
Any help would be highly appreciated.
Thanks,
Vini
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-03-2023 10:20 AM - edited 03-03-2023 10:22 AM
Hi,
Unfortunately, no, as that's a security issue. The only other thing would be to make the page public, but then the user is seeing stuff focused towards unauthenticated people aka Guests. There isn't anyway to bypass the authentication if its not public. There could be a possibility of passing in the URL params that contain the field values for username and password and so when they get there it's auto-filled in, and then I guess you could write a script on the login to attempt a "Click" or login after a second after the page loads, but that seems very sketchy and custom development. Just throwing out an idea, haha.
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-03-2023 10:20 AM - edited 03-03-2023 10:22 AM
Hi,
Unfortunately, no, as that's a security issue. The only other thing would be to make the page public, but then the user is seeing stuff focused towards unauthenticated people aka Guests. There isn't anyway to bypass the authentication if its not public. There could be a possibility of passing in the URL params that contain the field values for username and password and so when they get there it's auto-filled in, and then I guess you could write a script on the login to attempt a "Click" or login after a second after the page loads, but that seems very sketchy and custom development. Just throwing out an idea, haha.
Please consider marking my reply as Helpful and/or Accept Solution, if applicable. Thanks!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
07-26-2023 10:48 AM - edited 07-26-2023 10:49 AM
I would highly discourage using the URL and sending it in an email for logging into the system as email isn't a secure means of communication however that being said if you would like to send a link to people and they just click on the link to login instead of needing to remember their username and password the instance must be setup to not block logging in through this method and the url must be formatted correctly as so:
https://instance.service-now.com/login.do?user_name=XXX&user_password=XXX&sys_action=sysverb_login
This will allow someone to log into the instance under their username without needing to remember their password. Again it also increases the likelihood that their username and password will be stolen.
