Enabling Secure Links for Users

Posted on 6th February 2018


Beyond sharing with others inside the organisation, users are also able to securely share files and folders outside the organisation using short URLs.  The short URLs can either be open and require no authentication (called Public Links) or ‘Secure Links’ can be created which allows the user sharing the resource to restrict access to the files to specific email addresses.  i.e. The recipient of the shared items is required to authenticate before they can access the shared items.

With Secure Links, external users receive email notifications as items are shared with them, and they will have an internal account automatically created on the Foldr appliance itself.  External users are prompted to create a password the first time they try to access a shared item via a Secure Link.  Password’s can be reset automatically by external users by way of a verification code that is sent to the external email address.

Appliance Configuration Steps

1.  Ensure the appliance can send email successfully.

Configure your email server settings within Foldr Settings >> General >> Mail Settings.  Example given below:

Use the Send Test Message button once the mail server settings have been saved and verify the test email was received successfully.

Test Message:

2.  Enable Email Notifications

within Foldr Settings >> Notifications >> Email Notifications and click Save

3.  Allow the built-in ‘Foldr External Users’ group to sign in.

Within Foldr Settings >> Security >> Use Foldr (top option) click + Add User or Group and search for Foldr External Users.  Select from the picker and choose Allow.

Click Save Changes.

4.  Enable the Secure Links permission

Within  Foldr Settings >> Shares, scroll down to the permissions section and grant the Secure Links permission to your internal AD users as required.   In the example below, ‘Foldr Users’ refers to everyone / all users however you can enable any sharing permission for specific Active Directory users or groups.

Note that by enabling Create Secure Links , the other sharing permissions are also enabled automatically.  These are required as a pre-requisite for the Secure Links feature.

Any Active Directory users that have been assigned the Create Secure Links permission, should now be able to share content from the web and iOS apps.

Using Secure Links – Web App Example

To share a folder called ‘Client Proposals’ with an external user, click the inline sharing button to bring up the share dialog:

Click the Public Links tab

Enable ‘Make available publicly’ and enter one or more external email addresses into the ‘restrict access to these external users’ field.

Click SHARE.  Note that any files or folders that are shared will appear in the web app with a share badge.

An email will be sent immediately to the recipient containing a link that will take them directly to the shared resource

When the user clicks the link in the email they will be taken to the short URL and asked to provide their email address.

After clicking NEXT

If this is the first time the external user tries to access a shared item via a Secure Link they will be prompted to create a password.  First pass the captcha by selecting the correct image and click CONTINUE.

An email will be sent to the external user’s email address containing a verification code.

The verification code should be entered into the password change field and a password chosen and entered.


The user will be prompted to sign in, using the email address and configured password to access the shared resource.

(Note that all sub-folders inside ‘client proposal’ folder are navigable)

Resetting Users Passwords

Should an external user forgot their password, they can reset it using the ‘Forgot Password‘ link after supplying their email address.

The user will have to pass the captcha again and provide the verification code that is sent to their email address before resetting the password.

Need more help?

Get in touch with our friendly help desk who will be happy to assist you, support@foldr.io