Security: Anonymous Access

Normally, all users who want to access any aspect of GW Apps need to have a valid login and be setup as a GW Apps user at some level. Anonymous Access is a feature that offers the ability for records to be created and edited by anonymous users via a URL link. This feature is useful for taking surveys or sharing non-sensitive information with customers, clients, etc. (It is similar to sharing access to files with people via a link in Google Drive, One Drive, box, etc.)

There are three steps to setting up anonymous access for a form in an app:

 1 Enabling anonymous access for your domain in Platform Settings
 2 Setting anonymous access for the chosen form(s)
 3 Setting anonymous user access rights to the created records

Details for each step are outlined below:

1.  Enabling Anonymous Access in Platform Settings

To access the anonymous access setting, go to: Platform Settings > Security Settings. (To access Platform Properties, click on the gear icon in the top right corner of GW Apps colored header bar and select Platform Properties. At the Platform Settings dashboard, select Security Settings. If you do not see the gear icon in the top right corner of GW Apps colored header bar, you are not setup as a platform administrator.) The Anonymous Access section will be near the bottom of the screen.

Platform Settings > Security Settings > Anonymous Access
Item Description
Anonymous Access Enabling this feature will offer the ability for records to be created and edited by anonymous users via a URL link. Enabling this setting does not directly give anonymous access to anything in the application. It simply makes the anonymous feature available to application designers when they are working with forms. If it is disabled, no form in any of the applications within this GW Apps domain can utilize the anonymous access feature.

With it disabled, the default, only users with a valid GW Apps login and who are in a role named in the ‘Role Access’ field for a specific form are able to create new records. Also, with it disabled, only users with a valid GW Apps login and who are in a role given access to the record on the Security tab of a form are able to see that form’s records.

2.  Setting Anonymous Form Access

Once the Anonymous Access setting is enabled at the platform level, each for within every application within your domain will now display it’s own Anonymous Access setting. They will all be initially set to disabled, but you can now enable anonymous access for any form you want.

Settings Tab – Anonymous Access Details
Property Description
  Anonymous Access Enables/disables anonymous access.

Note: The Anonymous tab will not display if Anonymous Access is not enabled in Platform Settings (See above.)

Once the Anonymous Access setting has been enabled, you will see the following additional settings:

Property Description
Public URL Displays the unique URL, automatically generated by GW Apps, that can be used to create new anonymous records using this form. Creating a link using this URL will allow a user to create a new record using this form without needing to have a valid GW Apps login.
Password Protected Access Enabling this feature will force users to enter a password before they can create new anonymous records. This increases the security of using the anonymous feature, though you will need to devise a way for users to safely find the required password.
   Password When Password Protected Access is enabled the Password field is displayed. Enter the desired password or accept the randomly generated one. This is the password value users will need to create records with Password Protected Access enabled.
Use Workflow Redirect If enabled, the anonymous form will follow the workflow redirect actions setup in the Workflow tab of the form. Otherwise, all requests via anonymous access will follow the display message or redirect configured here on the Anonymous tab. Workflow actions other than the Redirect action will always follow the configured workflow.
What to do when an anonymous user submits a record Defines what happens to the record after the user submits it, unless ‘Use Workflow Redirect’ has been enabled. Options ae: ‘Display Message’ and ‘Redirect User to New URL’.
   Display Message On submit, a message dialog box is displayed on screen, including the text entered in the ‘Submission Message’ field. The user stays viewing the record once the message dialog is closed.
      Submission Message Enter the text for the desired message.
   Redirect User to New URL On submit, the user is redirected to a new web page, either within GW Apps or external.
      Redirect URL Enter the URL for the web page you would like users redirected to.

3.  Setting Anonymous Access Rights

Once a form is enabled for anonymous use, the Anonymous role becomes available for use in ‘Who can Create New Records’ on the ‘Settings’ tab and as a role on the ‘Security’ tab of the Form Editor. It is used like any other role, and lets you define the access that “anybody with the unique URL for the record” will have.

Using the Anonymous Role
Anonymous Access Role

Be Cautious when Using Anonymous Access

With Anonymous Access there is no way for GW Apps to know one anonymous user from another or automatically track who actually created or updated the record. Anybody with the unique URL for the record will be treated exactly the same. For example, say you create a record and give Anonymous permission to view and edit the record, and then send the record link to Jane. She can use the link to access and edit the record as you intended. However, if somebody else gets hold of that link, they can also see and edit the record. You will not be able to tell Jane’s desired access from anybody else who managed to get hold of the link. (This is exactly the same situation as setting a file on Google Drive, One Drive, box, etc. to ‘Anyone with the link’ – Anybody who has the link can access that file.)

Because of this, you should not use anonymous access on forms that store any sensitive or proprietary information. However, there are many valid use-cases that anonymous access is suited for. Just be careful not to enable it without due consideration.

Next Steps

Below are links to articles that cover the other main areas of application security:
Security: App Designers
Security: Adding Users & Roles
Security: Managing Role Members
Below is the link to the episode of Building an Expense Reports App tutorial series that include descriptions of setting up security:
Part 6 – Expense Reports App – Security
Updated on June 14, 2022

Was this article helpful?

Related Articles