External Access Controls
Kazinex Workflows allows document controllers to share specific documents with external reviewers through a guest portal — a secure, token-authenticated view that shows only the records assigned to that reviewer. This page covers the admin controls that govern how guest access is granted, what scope it covers, and how it is monitored and revoked.
How guest access works
When a document controller creates a guest share:
- Workflows generates a unique, cryptographically random token.
- The token is embedded in a link sent to the external reviewer.
- The reviewer clicks the link to open the guest portal — no account or password required.
- The portal shows only the record(s) assigned to that reviewer.
- The reviewer submits their response.
- The token expires on the configured expiry condition (date or access count).
- Every action taken by the reviewer is recorded in the audit trail under their name (as provided when creating the share).
Guest share policy settings
Access these settings at Settings → External Access (org-level) or Settings → External Access (project-level override).
Token expiry
| Setting | Options | Recommendation |
|---|---|---|
| Default token expiry | 7 days, 14 days, 30 days, Custom | Use 14 days for standard reviews; 7 days for sensitive documents |
| Maximum token expiry | Set an org-level ceiling that no project can exceed | Recommended: 30 days |
| Allow custom expiry | Yes / No | Yes for projects with variable review windows |
Access count limit
Set a maximum number of times the token can be used to open the portal. After the limit is reached, the link shows an “access count exceeded” message.
| Setting | Description |
|---|---|
| Default max access count | The default number of portal opens allowed per share (e.g., 5). Set to 0 for unlimited. |
| Allow document controllers to override | Yes / No. If Yes, controllers can set a custom count per share. |
Share scope
Controls what a single guest share can include:
| Share type | Description | Policy toggle |
|---|---|---|
| Single Document | Share grants access to one specific document revision | Always enabled |
| Document Package | Share grants access to a curated set of documents | Enable if external reviewers regularly need to review related sets |
| Work Package | Share grants access to all documents in a work package | Enable only when full-package external review is required |
Restrict Work Package shares to projects where external reviewers genuinely need full package access. Wider scope = larger exposure if the token is intercepted.
Acknowledgement requirement
Toggle whether external reviewers must formally acknowledge receipt before viewing the document. When enabled, a disclaimer screen appears before the document is shown.
Creating a guest share (document controller steps)
- Open a document in the register.
- Click Share with Guest (or ⋮ Actions → Create Guest Share).
- Fill in the share form:
- Recipient name — the external reviewer’s name (used in the audit trail and email).
- Recipient email — where the share link is sent.
- Scope — Single Document, Document Package, or Work Package (options limited by policy).
- Expiry — date or access count (within org policy limits).
- Instructions — freetext message shown in the email and at the top of the guest portal.
- Click Create Share. The link is sent immediately.
Monitoring active guest shares
Admins and document controllers can view all active guest shares:
- Go to Settings → External Access → Active Shares (admin view) or the document’s Shares panel (document-level view).
- The table shows:
- Recipient name and email
- Document(s) shared
- Created by
- Expiry (date and access count)
- Access count used
- Status: Active, Expired, or Revoked
- Sort by Expiry to find shares about to expire. Sort by Access Count to find frequently-accessed shares.
Revoking a guest share
Revoke a share immediately if:
- The document has been revised and the reviewer should use a new share.
- The reviewer submitted their response and no further access is needed.
- There is a security concern about the link being exposed.
To revoke:
- Find the share in Settings → External Access → Active Shares or the document’s Shares panel.
- Click Revoke.
- Confirm. The token is invalidated immediately. Any future attempt to open the portal using that link returns
This link has been revoked. - The revocation is recorded in the audit trail with the revoking admin’s name and timestamp.
Security best practices
| Practice | Reason |
|---|---|
| Set expiry dates to the minimum needed | Reduces the window during which a compromised link can be used |
| Enable access count limits for sensitive documents | A compromised link can only be opened a limited number of times |
| Never share the same token link with multiple recipients | Each external reviewer should have their own share so audit trails are per-person |
| Revoke shares immediately after response is received | Eliminates ongoing access to potentially sensitive documents |
| Review active shares monthly | Identify shares that are still active but have no response — follow up or revoke |
| Do not include document content in share invitation emails | The email is the credential delivery mechanism; avoid also including the content |
Auditing guest activity
All guest portal actions are recorded in the project audit trail:
| Event | What is recorded |
|---|---|
| Share created | Admin/controller name, recipient name/email, scope, expiry, timestamp |
| Share accessed | Recipient name, timestamp, access count used |
| Acknowledgement accepted | Recipient name, timestamp |
| Response submitted | Recipient name, decision, comment text, attachment names, timestamp |
| Share expired | Timestamp of expiry |
| Share revoked | Revoking admin name, timestamp |
To view guest activity for a specific document:
- Open the document.
- Select the Activity tab.
- Filter by Event Type → Guest Share.