I wish someone helps me with this, I got stuck.
I am trying to send an email activation link, and I want this link to be clickable and redirect users to the mobile app specific page of email verification.
This applies to the reset password link too.
Link example mobileappname://app/email-verification
Related
As most of you know that LinkedIn has a feature, where if someone goes on your profile, you get a notification. So my thinking was that I use LinkedIn to find out who is clicking on my Instagram profile.
I added my LinkedIn profile to my Instagram Bio and I found a way to create an alternate URL that redirects back to my LinkedIn. However, I am not getting the LinkedIn notification indicating someone clicked on my profile.
What triggers the LinkedIn notification check?
What can I do to trigger it if someone clicks on the URL?
I'm using an embedded MailChimp sign-up form.
Javascript is disabled on this form and I've set the page to redirect to a specific URL after a successful sign up. This works great when you sign up using a web browser.
However, when you open the website from instagram, the site renders in Instagram's own browser view. When you add your email address and click sign up, you are then redirected to a MailChimp hosted sign up page and have to enter your email address again.
Does anyone know of a way to prevent this?
How to make user browser download gmail attachment directly from GMAIL when accessing 3rd party web app which can get the attachment information using gmail api?
Here's the scenario:
1) There's web application with server side code that can fetch emails using GMail API.
2) If the message has attachment and the user clicks download attachment button I want the user browser to download the attachment directly from GMail without having the web app download it first to server and then send it to the user browser.
So basicly I'm asking how to create URL that points to gmail and makes the user browser get the attachment from there. Does this make any sense?
We can assume the user browser can/is authenticated to GMail.
Tried finding possible solutions but failed.
There is no way to make an URL to an attachment using the Gmail API. CORS is enabled however, so you could use the access_token on the front end to download the attachment right away, but exposing the access_token to the client comes with a set of security risks you will have to take into consideration.
Is possible to display a link to my website in gmail inbox, I have a google business account.
I developed an API that first check user login, and then directing to a website, i want to display its link in gmail inbox
You can do this via Gmail Sidebar gadgets.
To create a gadget with a simple link, you just create a gadget spec and make it available via a public Url. There is a simple editor for Gadgets.
Gmail gadgets can make requests to external services via makeRequest() function. If you need user authentication then your gadget must do OAuth authentication.
I have a question about security flow of confirmation link.
I have a website on which you have to fill your email address and password after filing these information my app sends an email with a secure link to user email address. After clicking on confirmation email user automatically gets logged inside the application.
Now question :
Is there a security risk to auto login user on clicking of confirmation link ?
Is there and security risk to auto login user on clicking of confirmation link? Yes and no. It depends on what is in the link. What I would do is I would have two field in database activate_code, that is randomly generated and is_activated which is defaulted to 0. Then I will send a link to activation code and another email with activation link. Once at activation link, user will fill code and account will be activated. redirect him to login page.
Do not send user emails or any other information. just send random codes or something similar
That is my cent!
Yes there is a security concern, as Gumbo points out.
Since the user has provided an email & password, why not require he be logged in to access his confirmation page?