One-Time URLs: The Importance of Disposable Access

The Importance of Disposable Access

Providing remote access to your internal resources can be a real challenge. If you must deliver an application to potential customers or your contractors need temporary access to corporate desktops, disposable connections can help you provide one-time secure remote access while avoiding complex configuration steps.

If you are responsible for delivering remote access to resources, you know that setting the environment up can turn into a nightmare. The risk increases when granting access to total strangers: unlike simple screen sharing, enabling unattended access to a remote desktop session requires a user definition or assignment.

Then, how can you prevent those users from attempting to reuse guest credentials? How can you provide the most secure and convenient alternative whenever they need access to those resources? How to successfully combine web and desktop worlds into a single, integrated environment? Well, this is when the importance of being discardable becomes a necessity.

One-Time-URL is how Thinfinity allows you to create a single use-and-discard web address. In a nutshell, you can set and configure the desired connection and generate a dynamic link you will provide to the user for one-time access to a desktop or application on your local network. This dynamic link can be created by admins with built-in credentials and predefined session duration.

How to integrate One-Time URL in Thinfinity Remote Workspace

1. First, you need to ask Thinfinity Remote Workspace to generate your URL. Call Thinfinity Remote Workspace server following this URL format:

http(s)://Thinfinity:Port/ws/oturl/get?<queryString>

 

2. The queryString should be built with all parameters listed below:

apikey= <apikey> &apiuser= <apiuser> &model= <model> &plen= <passlen> &expires= <expires>

Find in the table below a description for each parameter:

Parameter Description
apiKey The ApiKey is a secret value known only by Thinfinity® Remote Desktop Server and the corporate application. Find out more about it on the ApiKey topic.
apiuser Use this parameter to identify the user within Thinfinity® Remote Desktop Server. The value should be the user or email registered on your website. The users are seen in the Analytics Web Service.
model Send the profile key of the profile you want to connect to. The profile’s settings will work as a template for the One-Time-URL connection that will be established. You can modify these settings by adding more parameters to the One-time-URL.
plen The plen parameter carries the password length.
expires Through this parameter you can set an expiration(in minutes) for the URL. Expires = 60 means that the URL won’t work anymore after 60 minutes from the URL generation.

 

On the next topics, you can find out other parameters you can use to Configure the connection and Enable features.

 

3. If Thinfinity® Remote Desktop Server gets to authenticate with the parameters sent on the queryString, it will return a One-Time-URL that will allow you to establish an RDP connection with the remote desktop.

/oturl.html?key=w7NJNschBdJD9e6G6luWhOCalM$oFW7guqC6jE1IQah3AJm3&pass=BOWZB8FG

 

Concatenate the Thinfinity® Remote Desktop Server address to the generated URL, following this format below:

http(s)://ThinfinityRDP:Port/oturl.html?key=w7NJNschBdJD9e6G6luWhOCalM$oFW7guqC6jE1IQah3AJm3&pass=BOWZB8FG

 

This way, the URL will be ready to be used. You can redirect your application to the desktop connection through it or even send it to an external user by e-mail.

 

⚠️You will find an HTML/ajax example inside the application installation directory, under the ‘webrdp’ folder. The file is named oturltest.html and implements the features covered on this topic.

 

In conclusion, a One-Time URL offers a useful way to extend web-enhanced applications to new scenarios. We are convinced you will greatly benefit from this Thinfinity Remote Workspace feature.

If you found this article interesting and want to know more about Thinfinity Remote Workspace,
you can contact us or schedule a 15-minute demo call with one of our Sales Engineers.

Leave a comment

Cookie Preferences
Privacy and Cookie Policies
Cybele Software implements specific policies to enhance your browsing experience while respecting your privacy. When you visit Cybele Software's website, the site uses cookies to personalize your experience. These small files remember your preferences and the details of your repeated visits, aligning closely with Cybele's Privacy Policy.

You have complete control over the cookies used during your visit:
- Accepting All Cookies: You can agree to the use of all cookies by clicking “Accept All.” This provides a smoother, more integrated experience.
- Customizing Cookie Settings: If you prefer to manage your preferences, you can click on "Cookie Settings." This allows you to give controlled consent by selecting which types of cookies you agree to activate.
- Opting Out: You also have the option to opt-out entirely from non-essential cookies. It's important to note that choosing this option might impact your experience on the website, potentially limiting certain functionalities and features.
These features ensure that you can tailor your browsing according to your personal preferences and privacy concerns.