OTOBO

English

Deutsch
Français
Español
Português
Italiano
Polski
Nederlands

English

Deutsch
Français
Español
Português
Italiano
Polski
Nederlands

OneTimeAuthentificationLink

Compatibility OTOBO ≥ 11.0.x, Znuny ≥ 7.0.x

Overview

With the OneTimeAuthentificationLink plugin, OTOBO automatically generates single-use access tokens for customers. New users are created as needed and receive a link via email to log directly into their ticket portal without a password. Tokens expire after use or after a configurable period.

System Requirements

  • Framework: OTOBO 11.0.x
  • Packages: –
  • Third-Party: –

Installation

  1. Via the Package Manager
  • Log in as an admin and go to System Administration → Package Management.
  • Search for "OneTimeAuthentificationLink" and click Install.
  1. Manual Installation
  • Unpack the plugin archive into Kernel/Config/Files/.
  • In the admin area, go to System Administration → Update → Reload File System.

Configuration (SysConfig)

Core::Auth::Customer

KeyDescription
OneTimeAuth::CustomerErrorMessageNewLinkError message when a new link has been sent
OneTimeAuth::CustomerErrorMessageRefreshFailedMessage when a new token could not be generated
OneTimeAuth::TokenRefreshNotificationIDNotification text element for link refresh
OneTimeAuth::AccessDaysAfterCloseNumber of days links remain valid after a ticket is closed
OneTimeAuth::CustomerErrorMessageLinkExpiredError message when an expired token is used
OneTimeAuth::CustomerErrorMessageWrongLinkMessage when an old token is used while a new one already exists

Core::Email::PostMaster

  • PostMaster::PreFilterModule###000-CreateCustomerUser Automatically creates a CustomerUser upon receipt of new emails and protects against header spoofing via X-OTOBO-Customer.

Daemon::SchedulerCronTaskManager::Task

  • Daemon::SchedulerCronTaskManager::Task###DeleteExpiredOTATokens Deletes expired One-Time-Authentication tokens for closed tickets.

Usage

  1. Send an email to the support address configured in OTOBO.
  2. If no customer with this address exists yet, the plugin automatically creates a CustomerUser.
  3. Customers receive an email with a single-use link.
  4. Clicking the link opens the ticket portal without any further login.
  5. Links expire after the first use or after the number of days defined in AccessDaysAfterClose.

Limitations

  • Tokens are single-use only and cannot be extended manually.
  • Link expiration must be ensured via CronTasks.
  • The automation may fail if the mail configuration is incorrect.

Support & Further Information