Hi Yaw, I'm just wondering about security and privacy issues that might arise when using mailgun. It seems like it could open a large hole. What are your thoughts on that? Thank you.
Hi Dan, ODK Central uses email for account management. I think this involves sending links or password-related information through the mail server.
I haven't been able to get it working on my own server so I don't know what the email looks like.
Central uses the industry-standard process of sending a password reset email. When you click the link, you get a change to set a password. The message looks like this..
A password reset has been requested for this email address.
If this message is unexpected, simply ignore it. Otherwise, please visit the following link to set your password and claim your account:
https://sandbox.getodk.cloud/#/account/claim?token=VM6LLcQzwrzcR3GXwSzkd8hx7KhbzaoSapzKC0Adl$s7!fUWDQKfX4zBCZZZCt8p
The link is valid for 24 hours. After that, you will have to request a new one by resetting your password:
https://sandbox.getodk.cloud/#/reset-password
We never put the password in the email.
2 Likes