Skip to main content
Nintex Community Menu Bar

Hi,

 

I am creating a form that will be sent to external users so it will not be an authenticated form. Has anyone come up with a solution to do the following:

  1. Send a task to an external user
  2. In order to move forward within the form, the user can a generate a 6-digit code
  3. The 6-digit code is sent to the same email that was used to send the task form
  4. The user enters the 6-digit code then they can proceed with the form to submit their data.

My understanding is if the form has assignee authentication turned off then anyone with the URL can fill out the form. I am trying to at least build something that the person opening the link can at least prove they have access to the email address that received the task form. 

Hi ​@jack54321,

Nintex Automation Cloud does not currently support OTP and external user authentication, but is something we are currently considering. If you’d like to leave create an idea in our Nintex ideas portal I can keep you up to date.

Regards,

John


It may be possible to do something whereby the workflow generates a random code prior to the task being sent. We then store that code in a hidden label or variable in the task form. When the task form is sent, in parallel we also send an email with the code to the assigned user. They then insert the code in a textbox and if it is correct, we show the relevant task content. I don't think NAC has any out of the box ways of generating values (there are probably creative ways of doing this though), but there is a toolkit for NWC (an extension) which does have a generate guid action that could be utilized. ​@jack54321 lemme know if this is something you would be interested in. I could possibly create a demo workflow and send it to you.


We had a similar situation come up where we need external users to complete government tax forms. A requirement of the Tax Office is that the user who opens the linked form be able to enter a unique value to ‘prove’ they were the intended recipient before we show the form and collect details. It is not acceptable to use details that are already known to the user but which may be generally available, such as DOB.

We used the NAC function ‘Generateuid’ (in NWC Tools) to create a GUID - a 128-bit string of characters which we could then use as the basis for creating a code. We take the first 3 characters from the GUID, concat that to the last three characters to create a random 6-digit string. Store that on a record we have linked through a Data source on the external form. You then need to communicate that code to the user separately - we use an email - and then they can use that code to ‘open’ the form; effectively show groups/form controls via  rule.


Reply