LiquidFiles Documentation
LiquidFiles Documentation

Temporary User Authentication

Temporary User Authentication is an authentication method in LiquidFiles to enable authenticated access for external users with no (permanent) local user accounts that needs managing.

Temporary Users was introduced in LiquidFiles v3.5 as a replacement for Access Passes in LiquidFiles v3.4.

Video Overview

This video walks through authenticating and configuration of Temporary Users.

Temporary Users Overview

When an external recipient receives a Temporary User email, it will look similar to this:

The Temporary User email will contain the Email and Password (joe@external.com and V8rj-EMqQ-xtGU in the email above) will uniquely idenfiy the user. The Temporary User Account can be used:

  1. If a user authenticates when accessing a message (or FileLink), the user will be taken to that message.
  2. If a user clicks on the Login button or the link next to it — the user will be taken to the users Inbox where all messages that has been sent to that user can be accessed.
  3. If a user uses the email and password from the Temporary User account to login on the front page, they will be taken to the users Inbox where all messages that has been sent to that user can be accessed.

Configuration

These are the available configuration settings for Temporary User authentication. You can access these settings in Admin → Configuration → Settings, in the Temporary User tab.

Temporary User Expiration

The Temporary User Expiration (in seconds) determine how long a user can use the Temporary User details. The default is 604800s, or 1 week. This means that if you send a Secure Message to an external user with no user account on your LiquidFiles system, the Temporary User details they will receive is valid for 1 week.

Temporary User Remove After

In order to make Temporary User authentication as user friendly as possible, we keep expired Temporary User details on the LiquidFiles system for a fairly long time. On default they will be removed after 90 days. If someone enters expired Temporary User details, or clicks on an expired Login button or link, they will automatically receive a new Temporary User email.

Temporary User Resend After

Because users will likely delete the Temporary User email. After this time, defaulting to 12h, a new Temporary User email will be sent as a reminder. If the previous Temporary User is still valid, the same Temporary User details will be re-sent in the new email. This is so that there's a balance between reminding users and not be annoying.

If john.doe@company.com receives 5 Secure Messages in a day, he will only receive 1 Temporary User email. It's only after 12h (on default) has passed until he receives another Secure Message that he will receive another Temporary User email.

One of the reasons why we wanted to keep old Temporary User details is that say that the user john.doe@company.com can also receive emails as jdoe@company.com or just john@company.com. If we ask the user to enter their email address (how external user authentication worked before LiquidFiles v3.4, or if you disable "Pre-Deliver Temporary User Account emails" below) if the Secure Message was sent to john.doe@company.com, that's what the user had to enter. The LiquidFiles system has no way of knowing that john.doe@company.com, jdoe@company.com and john@company.com is the same user.

Pre-Deliver Temporary User Account Emails when a Secure Message is sent

When a user sends a Secure Message to an external user with no User Account on the LiquidFiles system, this setting controls if the LiquidFiles system should automatically create and send a Temporary User Account email or not. The default is to create and send Temporary User Account emails. The biggest difference is that when not pre-deliver Temporary User emails then the recipient will need to make sure that they enter the correct email that the Secure Message was sent to, see the blue section above.

Pre-Deliver Excludes

If you pre-deliver Temporary User Account emails and have a certain email address or email domain you wish to exclude from pre-deliver these emails to, you can enter them here. One example would be a CMS or email archive system your users BCC their emails to but will never actually login to access the Secure Message.

Temporary User Expiration Example

Lets say a user sends a Secure Message to john.doe@company.com on 1st of February at 9am. john.doe@company.com does not have an account on this LiquidFiles system. We assume this LiquidFiles system has the default configuration above. john.doe@company.com will receive a Temporary User email with login details: Email: john.doe@company.com and Password: ZA03-EI4c-nFBi. One of three things will now happen:

  1. john.doe@company.com clicks on the link in the email before 9am on the 8th of Febrary, enters the Email and Password: ZA03-EI4c-nFBi and will be successfully authenticated.
  2. john.doe@company.com clicks on the link in the email after 9am on the 8th of February but before the 1st of March (90 days later), enters the Email and Password ZA03-EI4c-nFBi. Since the Temporary User has expired, it can't be used to authenticate john.doe@company.com, but since it hasn't been removed, we know that Temporary User Password: ZA03-EI4c-nFBi used to authenticate john.doe@company.com so the LiquidFiles system automatically sends a new Temporary User email to john.doe@company.com that can be used to authenticate.
  3. john.doe@company.com clicks on the link in the email after 1st of May (90 days later). There will no longer be any record of the Temporary User Email and Password: ZA03-EI4c-nFBi so the LiquidFiles system will prompt the user to enter their email address to send a new Temporary User email.

Changing the Temporary User Email Templates

All emails sent by LiquidFiles is completely customizable, including the Temporary User emails. To change these emails, please go to Admin → Configuration → Email Templates, and edit the following email templates: