What Is Direct Access?
- Users must complete the authentication flow each time they connect. Users must provide a strong proof of identity, such as a correct email & password, a valid Google single-sign-on, etc.
- Embedding of incentive dashboards into another website is not allowed. This reduces the risk of click-jacking, where a malicious website captures authentication cookies using embedding.
Direct Access allows you to override normal security to suit unique scenarios such as:
- Allowing users to login using a clickable URL with a unique access code.
- Allowing embedding of incentive dashboards within another website.
- Allowing admins to view a participant incentive dashboards without user credentials.
Direct Access bypasses normal user authentication. It allows for automatic login without a password or authentication flow. Anybody with knowledge of a Direct Access URL can login as the corresponding user. The login action is immediate.
To get a direct link access URL for a given user:
- Browse to Users > All Users
- Edit the user (must have the Participant role)
- Scroll down on the Overview tab
- Click to copy the access URL
Please note the following:
- Users should not share their Direct Access URLs with others.
- Availability is limited to users with the Participant role.
- Access is limited to the current
- No access is granted to other workspaces the user may belong to.
- Deactivating a user immediately terminates Direct Access.
Here is an example of dashboard embedding within an IFrame with Direct Access:
Sharing Links
Only share Direct Access links with intended users. Anybody with knowledge of a Direct Access link can login to Sales Cookie as the corresponding user. While users with the Participant role only have read-only access, sharing a Direct Access link means granting someone access to the corresponding incentive dashboard.
Admin Console
Suppose that you logged in as administrator and navigated to a payee's Direct Access link and incentive dashboard. Now, you want to go back to the administration console. Simply go to Account > Logout, and log in as administrator.
Related Articles
What Is The Difference Between Team Managers And Users' Direct Managers?
Given a user: This user may have one direct manager (specified directly on the user's page) This user may also belong to different teams, each having a different team manager There are a few differences between the two: Each user can only have 1 ...Can I Use Restricted Keys For Stripe Access?
When you add a Stripe connection to your workspace, you can choose to use a restricted key. This allows you to safeguard your Stripe environment by: Limiting access to read-only mode Limiting access to those entities required to calculate commissions ...Who Can View Whose Commission Statement (Permissions / Hierarchies)?
This article describes rules applied to determine who can view whose commission statement. First, to allow user A to view the commission statement of user B, you need to either a/ define a team hierarchy or b/ a direct manager hierarchy. Learn more ...What Can Participants Do?
Users with the participant role do not have access to any management aspect of your workspace. All they can do is access their personal incentives dashboard. However, some participants may be able to view other user's personal incentives dashboards: ...How To Allow Managers Permission To View Rep Statements?
To allow user A to view the commission statement of user B, you can: Set B's direct manager to A Edit the user Set field "Direct Manager" Create a permission team Set A as the manager Set B as a team member Learn more about the difference between ...