...
Directive Set Links
Approval Links
Customer Satisfaction Feedback Links
If you are noticing that these links are always displaying a warning (despite the approval action completing), the underlying problem may be with the configuration of a security scanner consuming the tokens before opening the link in your web browser.
What happens
When an email link is clicked, some mail hosts containing security scanning tools will access the email links. After the security scanner completes, it will redirect and open the same URL on the users web browser.
This causes one time activation codes to be consumed by the security tool, causing the redirect page to display an error message that ‘The token has already been consumed'.
...
How to fix
Due to the changes in the automation process, there are no changes that need to be performed by customers, clicking these links will show an additional page that requires an extra button press. See Changes to user flow processes for what this means.
Changes to user flow processes
Due to the introduction of an extra security layer, users will be required to submit an additional form to confirm the changes. (The form simply consists of a button).
To prevent security tools from consuming one time activation tokens, an extra layer is required. The button approach is the quickest operation, as opposed to other validation approaches, such as Captcha Authorization (Clicking another button is faster and more convenient instead of a google captcha form for each link).
Previous Behaviour
An email link is clicked.
Optional - Security Scanner consumes the link and opens link in the users browser
Page loads, attempting to consume token. If security tools have already consumed the link, the page will display an error.
...
New Behaviour
An email link is clicked.
Optional - Security Scanner consumes the link and opens link in the users browser
The link opens a new page that requires confirmation of the operation.
...
When confirming the operation, the Token is consumed, and the outcome of the action will be displayed (If successful, a success message is shown, otherwise the page will show the error that occurred).
...
| Info |
|---|
The most common cause is when the Outlook/O365 Desktop client is used along with ProofPoint SafeLinks. Please check your security tool configuration to ensure links do not get consumed before opening in the web browser. |
How to fix
To prevent security scanners from consuming these tokens, these links must be whitelisted.
E.g, See Proof Point documentation for URL whitelisting: https://help.proofpoint.com/Proofpoint_Essentials/Email_Security/Administrator_Topics/Other_Features/Troubleshooting_issues_with_URL_Defense
