This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 

SecurID® Governance & Lifecycle Blog

Subscribe to the official SecurID Governance & Lifecycle community blog for information about new product features, industry insights, best practices, and more.

Sending emails with option to download calendar invites

PradeepKadambar
Moderator Moderator
Moderator
3 9 2,874
ā€Ž2021-04-03 10:00 AM

One of the discussion thread led me to write this quick blog on the possibility of sending emails with the option to download calendar invites. This can be handy if you want to allow the recipients to save a reminder for the activity.

The complete code is attached at the end of the blog post.

What we want is a lightweight framework that requires little customization and JavaScript based framework is well suited for our needs. This code uses the Open Source JavaScript based framework ics.js (https://github.com/nwcell/ics.js). We will embed the minified version of the framework in our HTML email templates that can then be used with workflows, email templates for reviews etc.

Below is the generated email with the option to download the calendar invite.

PradeepKadambar_0-1617423342343.png

 

Upon clicking the second button, an ICS file will be downloaded.

PradeepKadambar_2-1617423582751.png

What we have behind the scenes is a simple HTML file (attached) that has the embedded ics.js that will generate the calendar invite on demand. The cal.addEvent() method must be populated to send the appropriate details of the event.

<script type="text/javascript">
    cal = ics();
    cal.addEvent('User Access Review - Q2 2021', 'Your action is needed for the "User Access Review - Q2 2021"', 'https://igl.company.com/aveksa/main', '04/01/2021 8:00 AM EDT', '04/15/2021 5:00 PM EDT');
</script>

 

 
Caveat emptor - This is a not so official blog !

 

 
Please give it a try and provide you feedback below.

 

 

 

 

 

activity-email.zip
9 Comments
ShlomoKatz
Valued Contributor
Valued Contributor
ā€Ž2021-04-04 10:14 PM

Thank you @PradeepKadambar !

I see what you are doing and this is a great idea, however, don't I still need to import the ics.js?

If so, I still need to know how to get passed the header error on import.

0 Likes
PradeepKadambar
Moderator Moderator
Moderator
ā€Ž2021-04-05 08:47 AM

No, it is embedded instead.

From the above blog

We will embed the minified version of the framework in our HTML email templates ......
0 Likes
ShlomoKatz
Valued Contributor
Valued Contributor
ā€Ž2021-04-05 09:42 AM

@PradeepKadambar 

Thank you, it must be something with my Outlook.

 

0 Likes
ShlomoKatz
Valued Contributor
Valued Contributor
ā€Ž2021-04-05 09:54 AM

OK - I am at loss ... the code is not staying with the Review email template.

It strips out all the js code.

0 Likes
PradeepKadambar
Moderator Moderator
Moderator
ā€Ž2021-04-05 01:23 PM

Do you allow sanitized HTML ?

0 Likes
ShlomoKatz
Valued Contributor
Valued Contributor
ā€Ž2021-04-05 02:21 PM

@PradeepKadambar 

yes.

0 Likes
Neha_Singh
New Contributor
New Contributor
ā€Ž2021-04-06 04:12 AM

Hi,

Only below part of the code stays in my email template and the rest of the code is ignored. Do I need to enable any custom setting for this?

 

<h1 style="color: #5e9ca0;"><span style="color: #00ccff;">User Access Review - Q2 2021</span></h1>
<h2 style="color: #2e6c80;"><span style="color: #ff9900;">What is this ?</span></h2>
<p>As part of the corporate security policy, you are required to perform the quarterly user access review.&nbsp;</p>
<p>I am ready to perform the review, <a href="https://igl.company.com/aveksa/main" target="_blank" >click here</a></p>
<p>I want to set a reminder in my calendar, <a href="#" onclick="javascript&colon;cal.download('User Access Review - Q2 2021')">click here</a></p>
<p>&nbsp;</p>
<p><strong>If you have trouble accessing the site or performing the actions please contact the Help Desk at <span style="color: #ff9900;">(456) 789-1111</span></strong></p>

D.S.9
Valued Contributor Valued Contributor
Valued Contributor
ā€Ž2021-04-08 10:37 AM

You cannot attach scripts or attribute that allows script injection OOB. This is to prevent XSS attacks. You can check the help link to see which attributes are allowed as part of sanitized html. Search "sanitized html". Definitely, no scripts.

If you are aware of it and still willing to take that risk, you can bring the old settings back that will allow you to enter any HTML markup with a hidden settings. This may be completely deprecated in future but it exists for now. I suggest you reach out to RSA support to get this enabled. But, be aware that you now have complete control over the html content and this could be good thing and bad thing depending on what you write. RSA support doesn't recommend enabling this settings. 

0 Likes
Neha_Singh
New Contributor
New Contributor
ā€Ž2021-04-29 04:51 AM

Hello All,

I made it with embedding the html code in email node of the workflow. But when email is triggered, it's calendar link doesn't work or open whereas the url (Organization's IGL URL) opens as expected. Did anyone had the same issue while testing or any idea about it?

Neha_Singh_0-1619685887304.png

 

0 Likes
© 2023 RSA Security LLC or its affiliates. All rights reserved.