Conga Collaborate previously released enhancements to its security model which had an unanticipated adverse and undesired effect on a subset of previous functionality.

Summary

Conga Collaborate previously released enhancements to its security model which had an unanticipated adverse and undesired effect on a subset of previous functionality.

Impact

The first impact was to Collaborate End Users, and related to the View functionality in the build part of the document during the sending experience. Previously the Collaborate End User was able to use the View functionality to copy and paste the Recipient document link in a new browser tab and view the document as the Recipient. With the enhanced security model, this is no longer allowed in the same browser because of a shared session (for example, the End User is currently logged into Collaborate and cannot simultaneously share a session to view a Recipient document). This would result in an End User being able to view a document, but “call to action” buttons like the Acceptance Button would be missing on the document. The proposed workaround was to use a new Incognito browser to allow for accurate viewing (for example, a new browser session).

Furthermore, this issue was compounded by a variety of scenarios in which while there was some overlap in viewing behavior, also created further difficulty troubleshooting.

The three primary contributors to the discrepancies in behavior were:

If the Recipient was viewing the document with the unique URL instead of the public URL.

If the document had people added directly to it (either through adding Salesforce Contacts or people directly from the People tab).

If an esignature solution (Collaborate eSign, DocuSign, or Conga Sign) was being utilized.

The second impact was to the Recipient of documents, or Conga’s Customers’ Customers. If the Recipient of any Collaborate document received more than one document (at any point in time) it was possible that the Recipient’s browser saved the previous session when a subsequent document was attempted to be viewed, which resulted in redirecting the Recipient to the Collaborate Application Login Page instead of the Document viewing page. This happened intermittently and had dependencies on the Recipient’s browser behaviors, internal IT policies, etc.

Solution

The fix released on 6/12/2019 creates a new End User flow for the first scenario, allowing for viewing the Recipient document in the same browser, and eliminates the need for an incognito browser as a workaround. The fix also eliminates the second scenario, reverting to prior behavior of Recipient’s of documents to view documents directly and not be redirected to the Collaborate Application Login Page. To turn on this new functionality, submit a request to our Support Team.