Preventing Unauthorized Access to Service Custom Data Form

Permission available to: Administrator and owner roles

Setting available at: Organization level

You can capture essential guest data for services (that require careful administration) by sending an email to the guest with a link to the Service Custom Data form. To maintain the guest’s confidentiality and prevent unauthorized access to the form, Zenoti allows you to enable a setting that requires guests to log in before they can edit or view the form (sent via email).

To learn more about service custom data and the methods to email the form, read: Entering Service Custom Data.

To prevent unauthorized access to the service custom data form:

  1. Ensure that you are at the organization level.
  2. From the main menu, navigate to Admin > Organization > Organizations.
    The Edit Organization page opens.
  3. Click the Settings tab > expand the Custom Data section.
  4. Select the Prevent unauthorized access to service custom data checkbox to prevent guests to view or enter details without logging in.
    The checkbox is clear by default, thus allowing guests to access the form without having to log in.
  5. Click Save.
    Guests will now need to log in or sign up to view or enter their details in the service custom data form that is emailed to their registered email address. See Impact on Guest Access to the Form section below.

Impact on Guest Access to the Form

If the Prevent unauthorized access to service custom data setting is enabled, the following takes place:

  1. Guest receives an email with a link to the service custom data form.
    Note: The link to the form automatically expires after 8 hours.
  2. Guest clicks the link and is directed to login using the username (unique identifier) and password.
    Based on your organization level settings, the unique identifier may be the guest’s email address or phone number.
  3. Guest needs to enter the username and password or must sign up to create a new account.
  4. Zenoti performs a check and verifies if the logged in user's credentials is the same as that of the intended guest.
    If the credentials are valid, then Zenoti allows the guest to proceed to complete the form. Else, the following error displays:
    You are not authorized to access this form. Please login with the correct credentials.
Have more questions? Submit a request