Sharing but caring about privacy

Multiplatform permissions flows | API Config

Project Overview

We needed to enable teams and leagues to share links within the application while keeping them hidden due to sensitive user data. The challenge was to create a single, reusable link that could onboard players securely without exposing private information. This link had to allow both new and existing users to join their teams effortlessly while maintaining privacy controls.

Key features:

Mass-distributable secure link: Coaches and our internal team could generate a single invitation link through the Manager Portal.
Seamless onboarding: Clicking the link automatically onboarded users and linked their profiles to the correct team or league.
Privacy protection: Players gained team access without appearing in public listings, ensuring data confidentiality.
Expiration mechanism: The link functioned as a time-sensitive token, automatically expiring and requiring regeneration for continued security.

Customers want new easy ways to share his games, but not to everyone

Coaches and teams needed a simple yet controlled way to share private games with specific audiences, such as parents, without exposing sensitive data to the public. The challenge was to enable mass sharing while ensuring the link remained secure and limited in distribution.

The most effective solution was a single invitation link that allowed all parents to join effortlessly. This link acted as a time-sensitive token, ensuring that access remained controlled. Once parents used the link, they could complete the onboarding process internally, eliminating the need to generate individual links for each user.

Coaches could generate and share this link easily via the Web Manager Portal or through our internal platform, where they could send it via email.

How to do massive sharings without exposition

Link Generation – Coaches or our internal team generate an invitation link via the Web Manager Portal or internal platform.
Controlled Access – The link acts as a temporary authentication token, allowing users to join without needing individual invites.
Onboarding Process – Clicking the link directs users (new or existing) to an onboarding flow, automatically associating them with the correct team or league.
Expiration Mechanism – The link expires after a set time, preventing uncontrolled sharing and ensuring data security.

Notifications to communicate this

1. Invitation Sent – When a coach generates and shares a link, users receive an email or in-app notification with access instructions.

2. Onboarding Confirmation – After clicking the link, users get real-time feedback through in-app prompts guiding them through the process.

3. Successful Registration – Once onboarded, users receive a confirmation email or push notification confirming their access to the team or league.

4. Expiration Alerts – If a link is about to expire, ensuring uninterrupted access.

A global manage system for the OPS Team

Our internal administrators also have the ability to manage and control these links at a higher security level.

Key Capabilities:

• Centralized Link Management – Internal admins can generate, distribute, and monitor invitation links when needed.
• Security Oversight – Admins have the power to deactivate links, manage expirations, and prevent unauthorized access.
• Fallback Support – If a team lacks someone to create and organize links, our system ensures they can still be managed internally.
• Multi-Layered Control – This structure allows us to oversee both individual users and link creators, maintaining a secure and efficient access system.

This global management approach provides flexibility, security, and reliability, ensuring that access control remains both user-friendly and tightly regulated.