We are disabling non-time limited auto-login links on
May 15th, 2020. After that date, your users won't be able to use those links to log in. If you saw a warning in your helpdesk with a link to this article we identified that you still use unlimited auto-login links in some capacity.
Why am I seeing this?
If you saw a link to this article on top of your helpdesk then you are using some features that are going to be disabled on May 15th.
What are auto-login links?
What is going to be deprecated exactly?
The userHash
component of a link has to be calculated like this: MD5(name + email + shared-secret + day + month)
.
Previously you were not required to add day and month components into it, so links with a hash like this MD5(name + email + shared-secret)
still work, but they are going to stop working on May 15th, 2020.
What should I do?
1. If you are using IIS script to authenticate your users
The script makes use of auto-login links behind the scenes. You need to download an updated version.
Go to Administration - General settings and scroll to the very bottom of the page. You can download the updated script in the "Active directory" section. Please open your current script and the updated one in a text editor. At the top of your current script, there are settings that you need to move to the new script. Specifically, make sure you move sSharedSecret
and sReturnURL
to the new script.
2. If you are using auto-login links for other reasons
Add day and month components to your auto-login links. Your userHash should look like
MD5(name + email + shared-secret + day + month)
. The day and month values should be the current day of the month, and the current month formatted as
two digits, so "January 1st" should become "0101". You can find all the details in
this article.