Crypted URLs are used to let a customer securely subscribe and access the Customer Portal. Those URLs links to sensitive information and you have to implement appropriate measures to ensure only the concerned customer access its data.
- Only an authenticated customer should have access to crypted links.
- Your authentication system must respect the state-of-art regarding security.
- If you activate automated e-mails, we recommand a double-opt-in when a user sign-up in your application.
If you have reasons to believe that crypted links have leaked in a non-secure way, it’s possible to revoke all the links already created for a given customer to immediatly cut the access to its sensible data.
How to revoke the crypted URLs ?
From the backoffice
From the Customer Page : Actions / Privacy & Security