Interfaces Understanding interfaces Interfaces allow access to the system with preset values for Wrapper Stylesheet Template Language User context When accessing the interface the user is redireceted to the main page with the correct parameters set. In case the user context is active, a session with a matching user profile is also created i process. The following types of record operations are allowed Create new records Update an existing record Create operations Create operations require no additional security information and can be used directly. URL for testing the interface: http://[server name]/[application]/webinterface?[interfacename] Update operations When updating an existing record a security token must be passed along to the interface: The right data is displayed for the user Bind user session to this piece of data A security token contains a reference to the record a timestamp when the token was issued a signature that guarantees that the server issued the token URL for testing the interface: http://[server name]/[application]/webinterface?[interfacename]=[security token] Security tokens can be generated in various ways Create a status action that generates a notification Administrator tool: Designer > Modules > Admin Services > BuildSecuityToken Add the special "Token display" field to a solution Questionnaires and email invitations Generation of security tokens are closely tied to the use of questionnaires and status actions. The guide  Questionnaires covers such an example. Using interfaces Interfaces are access points for external users (someone using the system without a login). For a more detailed description, please read:  Understanding interfaces Basic configuration An interface has the following configuration options Interface URL Unique name of the service How should the interface behave Look and feel: Wrapper: "Outer" page design, possibly mimicing an existing website Template : "Inner" page design Stylesheet: Color, font, styles etc. Language: Default language set on page Use questionnaire : Use multiple pages in stead of one big page What is the external user allowed to do Proxy user profile Allow UPDATE of existing records Allow INSERT of new records Note that using and interface is no different than being a normal user: The external user will mimic the provided system user, and this user must have the appropiate permissions. Email tokens for access to existing records A common usage is sending email tokens to external users. Tokens will allow a certain user to update the content of a certain record. Usually these are tied together, where the email of the user is a field in the record. Tokens contain a timestamp, so it is possible to invalidate the token after a specified amount of time Token expiry : Maximum allowed age of the token Please not that tis use requires some additional configuration of the Status action that sends the emails. Other interface options Control what happens after an update or insert operation Succes message : Displayed message (if not using questionnaire interface) Failure message : Displayed message (if not using questionnaire interface) Redirect : URL to send user to after updating/inserting their data Extra security features CAPTCHA : User must take human test before using the interface (prevents robots from injecting data) IP filter : Specify which IP's are allowed to use the interface (prevent users from known problem countries)