Tokens are used on public pages for schedules, calendars, and requesting time off without the requirement of signing in to WorkSked. Tokens create obfuscated URLs that prevent others from seeing your data. The benefit of using tokens for public pages is that regular employees do not have to sign in to interact with WorkSked.
A token is a random 20 character string that makes guessing a URL extremely difficult. Be warned of the tradeoff: high level of ease of use vs. a fairly low level of security. If you believe that a person or persons are accessing your public pages without authorization, you can easily regenerate new account and/or employee tokens from within the application.
To generate new tokens:
- Account — Navigate to the Settings page, scroll down to the Token section, and click Regenerate Token (account owner only).
- Employee — Select an employee, scroll down to the Token section, and click Regenerate Token (must have sufficient privileges).
- Schedules — https://www.worksked.com/en/<account-token>/schedules
- Calendar — https://www.worksked.com/en/<account-token>/<employee-token>/calendar
- Request Time Off — https://www.worksked.com/en/<account-token>/<employee-token>/timeoffs/new