Crypted URLs are used to let a customer securely subscribe and access the Customer Portal. Those URLs links to sensitive information and you have to implement appropriate measures to ensure only the concerned customer access its data.

  • Only an authenticated customer should have access to crypted links.
  • Your authentication system must respect the state-of-art regarding security.
  • If you activate automated e-mails, we recommand a double-opt-in when a user sign-up in your application.

If you have reasons to believe that crypted links have leaked in a non-secure way, it’s possible to revoke all the links already created for a given customer to immediatly cut the access to its sensible data.

How to revoke the crypted URLs ?

From the backoffice

From the Customer Page : Actions / Privacy & Security

With the API

https://docs.proabono.com/api/#revoke-crypted-links