Security: Anonymous Access

Normally, all users who want to access any aspect of GW Apps need to have a valid login and be setup as a GW Apps user at some level. Anonymous Access is a feature that offers the ability for records to be created, edited, and viewed by anonymous users via a URL link. This feature is useful for taking surveys or sharing non-sensitive information with customers, clients, etc. (It is similar to sharing access to files with people via a link in Google Drive, One Drive, box, etc.)

There are three steps to setting up anonymous access for a form in an app:

 1Enabling anonymous access for your domain in Platform Settings
 2Setting anonymous access for the chosen form(s)
 3Setting anonymous user access rights to the created records
4Setting anonymous access for the chosen view(s)

Details for each step are outlined below:

1.  Enabling Anonymous Access in Platform Settings

To access the anonymous access setting, go to: Platform Settings > Security Settings. (To access Platform Properties, click on the gear icon in the top right corner of GW Apps colored header bar and select Platform Properties. At the Platform Settings dashboard, select Security Settings. If you do not see the gear icon in the top right corner of GW Apps colored header bar, you are not setup as a platform administrator.) The Anonymous Access section will be near the bottom of the screen.

Platform Settings > Security Settings > Anonymous Access
ItemDescription
Anonymous AccessEnabling this feature will offer the ability for records to be created and edited by anonymous users via a URL link. Enabling this setting does not directly give anonymous access to anything in the application. It simply makes the anonymous feature available to application designers when they are working with forms. If it is disabled, no form in any of the applications within this GW Apps domain can utilize the anonymous access feature.

 

With it disabled, the default, only users with a valid GW Apps login and who are in a role named in the ‘Role Access’ field for a specific form are able to create new records. Also, with it disabled, only users with a valid GW Apps login and who are in a role given access to the record on the Security tab of a form are able to see that form’s records.

2.  Setting Anonymous Form Access

Once the Anonymous Access setting is enabled at the platform level, each form within every application within your domain will now display it’s own Anonymous Access setting. They will all be initially set to disabled, but you can now enable anonymous access for any form you want.

Form Settings – Anonymous Access Details
PropertyDescription
Anonymous AccessEnables/disables anonymous access.

Note: The Anonymous tab will not display if Anonymous Access is not enabled in Platform Settings (See above).

Once the Anonymous Access setting has been enabled, you will see the following additional settings:

PropertyDescription
Public URLDisplays the unique URL, automatically generated by GW Apps, that can be used to create new anonymous records using this form. Creating a link using this URL will allow a user to create a new record using this form without needing to have a valid GW Apps login.
Password Protected AccessEnabling this feature will force users to enter a password before they can create new anonymous records. This increases the security of using the anonymous feature, though you will need to devise a way for users to safely find the required password.
   PasswordWhen Password Protected Access is enabled the Password field is displayed. Enter the desired password or accept the randomly generated one. This is the password value users will need to create records with Password Protected Access enabled.
Use Workflow RedirectIf enabled, the anonymous form will follow the workflow redirect actions setup in the Workflow tab of the form. Otherwise, all requests via anonymous access will follow the display message or redirect configured here on the Anonymous tab. Workflow actions other than the Redirect action will always follow the configured workflow.
What to do when an anonymous user submits a recordDefines what happens to the record after the user submits it, unless ‘Use Workflow Redirect’ has been enabled. Options ae: ‘Display Message’ and ‘Redirect User to New URL’.
   Display MessageOn submit, a message dialog box is displayed on screen, including the text entered in the ‘Submission Message’ field. The user stays viewing the record once the message dialog is closed.
      Submission MessageEnter the text for the desired message.
   Redirect User to New URLOn submit, the user is redirected to a new web page, either within GW Apps or external.
      Redirect URLEnter the URL for the web page you would like users redirected to.

3.  Setting Anonymous Access Rights

Once a form is enabled for anonymous use, the Anonymous role becomes available for use in ‘Who can Create New Records’ on the ‘Settings’ tab and as a role on the ‘Security’ tab of the Form Editor. It is used like any other role, and lets you define the access that “anybody with the unique URL for the record” will have.

Using the Anonymous Role
Anonymous Access Role

4.  Setting Anonymous View Access

Once the Anonymous Access setting is enabled at the platform level, each view within every application within your domain will now display it’s own Anonymous Access setting tab. They will all be initially set to disabled, but you will be able to enable anonymous access for any view you want.

View Settings – Anonymous Access Details
PropertyDescription
Anonymous AccessEnables/disables anonymous access.

Note: The Anonymous tab will not display if Anonymous Access is not enabled in Platform Settings (See #1 above).

Once the Anonymous Access setting has been enabled, you will see the following additional settings:

PropertyDescription
Public URLDisplays the unique URL, automatically generated by GW Apps, that can be customized. Using this URL will allow a user to access the view without needing to have a valid GW Apps login.
Password Protected AccessEnabling this feature will force users to enter a password before they can access the view. This increases the security of using the anonymous feature, though you will need to devise a way for users to safely find the required password.
PasswordWhen Password Protected Access is enabled, the Password field is displayed. Enter the desired password or accept the randomly generated one. This is the password value users will need to access the view with Password Protected Access enabled.
Show Search BarIf enabled, anonymous users can use the search function within the view.
Show BannersIf enabled, the anonymous view will display the top banner (i.e., the colored banner where your company or app logo appears).
Show CreateIf enabled, anonymous users will see the ‘+ New’ button on the view header bar, allowing them to create records.

Note: In order for anonymous users to create records, Anonymous Access must be enabled for the form in addition to the view.

Note: Only records which give permission to the Anonymous role will be visible in the view to those whose access it via the link.

Be Cautious when Using Anonymous Access

With Anonymous Access there is no way for GW Apps to know one anonymous user from another or automatically track who actually created or updated the record. Anybody with the unique URL for the record will be treated exactly the same. For example, say you create a record and give Anonymous permission to view and edit the record, and then send the record link to Jane. She can use the link to access and edit the record as you intended. However, if somebody else gets hold of that link, they can also see and edit the record. You will not be able to tell Jane’s desired access from anybody else who managed to get hold of the link. (This is exactly the same situation as setting a file on Google Drive, One Drive, box, etc. to ‘Anyone with the link’ – Anybody who has the link can access that file.)

Because of this, you should not use anonymous access on forms that store any sensitive or proprietary information. However, there are many valid use-cases that anonymous access is suited for. Just be careful not to enable it without due consideration.

Next Steps

Below are links to articles that cover the other main areas of application security:
Security: App Designers
Security: Roles & Users
Below is the link to the episode of the Building a Task Management App tutorial series that include descriptions of setting up security:
Part 6: Building a Task Management App – Security
Updated on March 30, 2023
Was this article helpful?

Related Articles