A designer must make changes to a form/flow in their company space at the request of a co-worker. The requesting employee logs into the company space, selects the form/flow from the menu and copies the form/flow instance URL from the browser. An opaque URL such as the one shown below is emailed to the designer. The designer can't remember what user, app, form/flow name that opaque url maps to and uses the lookup feature to find the form/flow they need to fix/enhance.
Paste the opaque URL into your browser. Remove everything after the uuid. Replace it with lookup after the slash. Press the Enter key. Login to the tenant (determined by the tenant name after the /tn in the URL) as an admin, designer or publisher user if presented with the login screen.
The uuid is converted to the user id of the designer who owns the space.
Login to the tenant as the specified user and edit the space menu to get the raw form/flow link. Remove everything after the formtype, flowtype, value in the opaque Raw Form/flow link. In the example shown, you would remove all characters starting with the question mark
Add /lookup to get the application and form/flow name
The workflow named Example 3 - PO for Sales Review is located in the tenant mycompany, in the designer user account, in the application Purchase Order Completed.
Application: Purchase Order Completed
Flow: Example 3 - PO for Sales Review
Anonymous Access to Public Forms/Flows in Container Managed Tenants
If you are using a tenant configured for a container security manager and you want to allow anonymous access to your forms/flows, you must manually add "public" to the link to make forms/flows accessible to users who are not logged in. You must do this if you are using any of the URL types in the Share dialog for forms and flows, using a Space or embedding forms/flows in your website. The public URL allows the tenant to be secured while public forms can be accessed anonymously, ex: a job application on an external website.
Here is an example of a public url used to access a form in a container security managed tenant. The form/flow visibility is set to public via the Access Control feature. Anonymous users will be able to access the form as the servlet container will ALLOW access to the frevvo.war and ' access control will ALLOW access to the form. Close/open your browser or copy/paste the public url into another browser when testing.
You will not see the public url listed in the Share light box.
If you are using a tenant configured for a container security manager and you want to allow anonymous access to your forms/flows from your website, you must create a public URL.
Browser Session Security
When you create a new form, by default it is marked as Designers/Owner Only. At this time the only person who can use the form via any of the form's share choices, is the person logged into this account. Once you are ready to let others use your form you can mark the form as Anyone (no login required). Now anyone that is given the form's URL via any of the form's share choices, has access to use and submit the form.
Designer/Owner Only vs Anyone (No login required) appear to be a binary choice. Either no one has access unless you're logged into the account or everyone has access without the need to login. Another way to make the form accessible is to leave the form locked and share it via browser session restricted access. The API can generate form URLs that are only valid for the current browser session. The form/flow URL generated in this way (not via the Share choices) cannot be passed to anyone outside of the session as it will not work
Embedding Forms in Your Website