Allow users sending emails with template only

krzysztofweglinski · October 27, 2014, 1:02pm

Hey,
lets say I’ve build an app with some content that user want to share links to via email.
So there’s one problem.
If i make rest request to send mails - it works fine but theres security problem.
Now user is allowed to send any email as our company - using console and rest query.

How to prevent them sending any other mails than my email template with dynamicly generated link?

toddappleton · October 28, 2014, 2:30pm

You could have a server side script on the email service that validates the email parameters before the email is sent. If something about the request is invalid the script can throw an exception and no email is sent.

Currently we don’t have pre and post scripts for the email service but I think these could be added by us fairly easily. Would that solve your problem?

Topic		Replies	Views
Unable to create email templates via REST (with Swagger or coded request) REST API	7	2357	October 29, 2015
Issue with custom email template REST API	14	3945	September 27, 2016
Problem sending email message with HTML REST API	0	1688	March 15, 2016
PHP Email Service Payload Formatting Server-Side Scripting	3	1475	April 24, 2018
App Specific Password Reset Email Templates App Configuration	0	1822	September 16, 2015

Allow users sending emails with template only

Related topics