XI email notifications Respond link (security concern)

Posted: Wed Oct 09, 2013 11:28 am
by jwelch
Found a thread that indicates that the notification link allows anyone that has access
to the link to gain access to XI as the user that the notification was generated for
and that this is the expected behavior.
The workaround was to use Admin->Notification Management to remove the response
url from the notification template.

I'd like to change the default email format, but that function is now only available in the Enterprise version (which we do not have)
and I've already used the 30-day trial to check out the audit log functionality.

How can I manually change the default email format for all new users? (don't really want to have to get 100 folks to manually change their settings, but I guess I have no choice for existing users)

---
This is expected behavior.
If you do not want the response URL in the email messages you can remove the following line from the Host/Service message either on a per user basis in the user's Notification Messages, or globally in Admin -> Notification Management (in 2012)
---

Re: XI email notifications Respond link (security concern)

Posted: Wed Oct 09, 2013 11:47 am
by sreinhardt
If you are on 2.2 or 2.4 there is now a configuration option that allows you to disable the auto login, on future links (2.2) or all links ever generated (2.4), without modifying the notification template.

Code:

if $cfg['secure_response_url']=1 is set in the config.inc.php

Re: XI email notifications Respond link (security concern)

Posted: Wed Oct 09, 2013 12:09 pm
by jwelch
Thanks for the quick response. I put that line in
/usr/local/nagiosxi/html/config.inc.php
and it appears to work as expected.
(links now return: Rapid Response URL's have been secured. this link is no longer valid.)

I (and our IS department) thank you!
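
A way to audit that the setting discussed in this thread is actually live in config.inc.php, for example after an upgrade or a restored backup. This is an added example, not code from the thread or from Nagios; the function name is hypothetical, and it assumes the option is a single-line assignment, does not parse /* */ block comments, and treats only the value 1 (as shown in the thread) as enabled.

```shell
#!/bin/sh
# Added example: audit a Nagios XI config.inc.php for secure_response_url.
# Usage: check_secure_response_url /usr/local/nagiosxi/html/config.inc.php
# Return status: 0 = set to 1
#                1 = missing, commented out, or set to another value
#                2 = file not readable

check_secure_response_url() {
    conf="$1"
    [ -r "$conf" ] || { echo "cannot read $conf" >&2; return 2; }

    # Match only live assignments: the line must start with $cfg[...],
    # so copies prefixed with // or # are ignored.
    pat="^[[:space:]]*\\\$cfg\[['\"]secure_response_url['\"]\][[:space:]]*="

    # PHP applies assignments in order, so the last one is the effective
    # value. Strip everything up to '=', an optional opening quote, and
    # the trailing quote/semicolon/comment.
    value=$(grep -E "$pat" "$conf" | tail -n 1 | sed \
        -e 's/^[^=]*=[[:space:]]*//' \
        -e "s/^['\"]//" \
        -e "s/['\";[:space:]].*\$//")

    if [ "$value" = "1" ]; then
        echo "OK: secure_response_url=1 in $conf"
        return 0
    fi
    echo "WARN: secure_response_url is '${value:-unset}' in $conf" >&2
    return 1
}
```

A status of 1 on a file that does contain the line usually means a later assignment overrides it or the line is commented out.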