I denied a workflow using a direct action link from an approval email and the workflow history shows another user from the approval group in the 'Executed By' column.
Answer:
The approval links are personalized. But the authentication is in the link. So if, for example, the email is forwarded it will record the original recipient. There is no login as such as the link itself is a one time token. In other words: if there is an approval group with 2 members there would be two emails sent with two different links.
Here is a summary of the behavior in different scenarios:
| Condition 1 | Condition 2 | Result |
|---|---|---|
| The user clicks Approve/Deny in the email sent by Pricefx to their own email address. | This user does not have a Pricefx session open in their browser. | 'Executed By' value will be set to this Pricefx user account associated with this email address. |
| This user has a Pricefx session open in their browser with another Pricefx user. | 'Executed By' value will be set to the Pricefx user account that has a session open in the browser. | |
| The user clicks Approve/Deny in an email that was sent by Pricefx to another user, but the other user forwarded the email. | – | 'Executed By' value will be set to the Pricefx user account associated with the original email address. |