1. Home
  2. Workflow, Actions, Triggers & Security
  3. Security: Using Anonymous Access

Security: Using Anonymous Access

By default, all users who want to access any aspect of GW Apps need to have a valid login and be setup as a GW Apps user at some level. Anonymous Access is a feature that offers the ability for records to be created and edited by anonymous users via a URL link. This feature is useful for taking surveys or sharing non-sensitive information with customers, clients, etc. (It is similar to sharing access to files with people via a link in Google Drive, One Drive, box, etc.)

There are 3 main aspects to setting up anonymous access for a form in an app:

 1 Enabling anonymous access for your environment via Platform Settings
 2 Setting anonymous access for the chosen form(s)
 3 Setting anonymous user access rights to the created records. [Optional]

Details for each step are outlined below:

1.  Enabling Anonymous Access

To access the App Users screen, go to: Platform Properties > General. (To access Platform Properties, click on your avatar in the top right corner and select Platform Properties. If you do not see the option, you are not setup as a platform administrator.)

General Platform Properties
General Platform Properties
Item Description
Anonymous Access Enabling this feature will offer the ability for records to be created and edited by anonymous users via a URL link. Enabling this setting does not directly give anonymous access to anything in the application. It simply makes the anonymous feature available to application designers when they are working with forms. If it is disabled, no application in the organisation’s GW Apps domain can utilize the anonymous feature.

With it disabled, the default, only users with a valid GW Apps login and who are in a role named in the ‘Role Access’ field for a specific form are able to create new records. Also, with it disabled, only users with a valid GW Apps login and who are in a role named in roles in the workflow of a specific form are able to see that form’s records.

2.  Setting Anonymous Form Access

To add a new user to the application, click on the + Add User button at the top of the users list. You will then see the following dialog:

Anonymous Access Form Setting
Anonymous Access Form Settings
Item Description
Anonymous Access Enabling this feature will offer the ability for records to be created and edited by anonymous users via a URL link. With it disabled, the default, only users with a valid GW Apps login and who are in a role named in the ‘Role Access’ field will be able to create new records.

After enabling Anonymous Access you will see the following additional settings:

Settings Tab – Anonymous Access Details
Anonymous Access Settings Tab
Property Description
Who can Create New Records
Role Access Select the role or roles that are allowed to create new records with this form.
Anonymous Access Enabling this feature will offer the ability for records to be created and edited by anonymous users via a URL link. With it disabled, the default, only users with a valid GW Apps login and who are in a role named in the ‘Role Access’ field will be able to create new records.
Public URL Select the role or roles that are allowed to create new records with this form.
What to do when an anonymous users submits a record Select ‘Display Message’ to have a message displayed on screen but the user stays on that record in GW Apps. Select ‘Redirect User to New URL’ to have the user redirected to a new web page.
    Submission Message Displays if ‘Display Message’ is selected. Enter the text for the desired message.
    Redirect URL Displays if ‘Redirect User to New URL’ is selected. Enter the URL for the web page you would like users redirected to.

3.  Setting Anonymous Access Rights

Once a form is enabled for anonymous use, the Anonymous role becomes available for use in the ‘Who can Create New Records’ setting and on the ‘Security’ tab of the Form Editor. Likewise, it is used like any other role.

Using the Anonymous Role
Anonymous Access Role

Be Cautious when Using Anonymous Access

As there can be no way for GW Apps to know one anonymous user from another–they are all treated the same. For example, say you create a record and give Anonymous permission to view and edit the record, and then send the record link to someone. That person can use the link to access and edit the record as you intended. However, if somebody else gets that link, they can also see and edit the record. (This is exactly the same situation as setting a file on Google Drive to ‘Anyone with the link’ – Anybody who has the link can access that file.)

Because of this, you may wish to refrain from using anonymous access on forms that store any sensitive or proprietary information. However, there are many valid use-cases that anonymous access is suited for. Just be careful not to enable it without due consideration, and allow unwanted access to your data.

Next Steps

Below are links to articles that cover the other main areas of application security:
Security: App Designers
Security: Adding Users & Roles
Security: Managing Role Members
Below is the link to the episode of Building an Expense Reports App tutorial series that include descriptions of setting up security:
Part 6 – Expense Reports App – Security
Updated on May 10, 2021

Was this article helpful?

Related Articles