System Behavior: Email Approvals and Session Authentication
When an approver clicks an approval link directly from an email notification, the system's behavior depends entirely on the status of their current HR Account session. To ensure both security and convenience, the system handles authentication using the following logic:
Scenario 1: The HR Account is Logged Out
If you are not currently logged into your HR Account when you click the email approval link:
- Authentication Required: The system will automatically redirect you to the main login page. This is to ensure that only an Authorized Person will be able to approve the application.
This step is vital for maintaining strict security protocols. In cases where an approval email is inadvertently or intentionally forwarded, built-in access controls ensure that unauthorized users are blocked from approving the application.
- Next Steps: You must enter your credentials (or use Single Sign-On) to authenticate. Once successfully logged in, you will be redirected to complete or confirm the application approval.
Scenario 2: The HR Account is Already Logged In
If you already have an active, logged-in session in your browser when you click the email approval link:
- Direct Approval: The system recognizes your active session and authenticates you automatically in the background.
- Next Steps: The application can be approved straight from the email action without requiring you to re-enter your username or password.
Security Note: If you are using a shared or public computer, always ensure you log out of your HR Account after completing your tasks to prevent unauthorized email approvals.
Want real-time responses? Explore Sidekick, your 24/7 guide for product inquiries!