Secured way to enable a public URL(Anonymous) to access document
Hi Experts, Looking for a secured solution to create public URL for customers to download file stored in private S3.Required file mapping and S3 connection is stored and happening in the backend application. Basically, once file is uploaded, we will get a document ID, this is enough for backend service to download from S3.Here we need to expose a URL to reach till this logic and download file, for anyone with URL. Current design: Opening a Deep link handler for anonymous and pass in encrypted document id (AES encryption) I can even store this in Mendix and generate UUID instead of doc ID) Decode the doc ID, call document API’s download file. Please let me know how much secured this approach is, I am still not convinced to enable an anonymous role in application. Regards, Harisanker B
Hari sanker B
Your current design seems already quite nice. I'm also hesistent in allowing anonymous users into a Mendix app, so I'd like to share an alternative here.