Anonymous Login Overview

The Anonymous Login feature allows administrators to use a single account to grant multiple users limited access to Core. This is done by generating a URL that displays only the form or activity selected in the settings, without requiring login credentials. This feature is useful for organizations that occasionally require non-employees or ground-level employees to access Core and/or anonymously create or edit data.

An anonymous URL.

Because all changes made while using Anonymous Login is captured in the Audit Trail, before creating an anonymous URL, administrators must first create a non-administrative user account and assign that account to a role that will have access to the object type(s) and activity (if applicable) that have been selected in the anonymous login settings.

By creating an anonymous login URL, you are accepting the Terms of Service on behalf of the users who will be accessing the link.

IP Authorization Control

IP authorization control helps administrators control who's accessing specific orgs based on the IP address of users logging into Core and users accessing it through an Anonymous Login URL. 

If enabled on an anonymous URL, the IP address of the user accessing the URL will be validated against the entries in the org's IP allow list. If the IP address doesn't match any of the entries, a 403 error is displayed. This is captured in the User Audit Trail as an Unsuccessful Anonymous Login event.

The error message displayed to unauthorized users attempting to access an Anonymous Login URL.

Before this option can be enabled on a URL, IP authorization must be enabled on the org by a super admin. For more information, including functionality for additional login scenarios, see the IP Authorization Control section.