๐ชCode Risk Magic Links
Arnica Magic Links
Arnica magic links provide direct access to a single risk, or a subset of risks. These magic links allow users to view or share specific risks without full access to Arnica. These links make it easy to quickly view a new risk, and make it easy to share the context of a specific finding with peers or stakeholders without direct Arnica access.
Magic links provide read-only access and do not allow users to update the status of included risks.
Requesting Magic Links
Magic links can be requested through chat tools such as Slack or Teams, created within the Arnica code risk pages, or received in an alert when a risk identified. Magic links requested within Arnica's chatops integrations create developer specific or product oriented lists of risks. Using commands directly within the Arnica channel, users can request these links using "risks mine" and "risks product" commands.
Risks Mine:
The "risks mine" command will generate a magic link with direct access to Arnica. This magic link will lead to a risk table that is personalized for the user who requested the link, and will include all risks that they are directly associated with. This includes all fiondings where the requesting user is a committer, pusher, or the author of the commit that introduced the risk.
Risks Product:
The "risks product" command will generate a magic link with direct access to Arnica. This magic link will lead to a risk table that is personalized for the user who requested the link, and will include all risks that exist in product owned by the user.
Alert-based Magic Links
A magic link is provided within each notification sent by Arnica to chatops platforms. When a risk is identified and a matching policy requires a notification, Arnica will include a link in the notification that leads directly to the newly identified risk. This link will lead to a view that is restricted to that risk alone, making it safe to share.
Magic Link Expiration
Arnica's magic links have pre-determined expiration rules. These rules are set through an org-specific configuration, and include one or both of the following:
Time based expiration: The link will remain usable until the specified time is reached.
Use based expiration: The link will remain usable until it has reached it's defined maximum uses.
If both time-based and use-based expiration rules are set the links will expire after the first of the two conditions is met.
Default configurations require that magic links expire after 24 hours, and that links have unlimited uses. To have this configuration updated for your organization, the org admin can reach out to support@arnica.io or speak to Arnica's Customer Success team.
Last updated