SmartSurvey Logo
Design & Manage
Send & Collect
Analyze Results
Account & Billing

Secure Custom Variable Links

What secure variable links are

Secure variable links encrypt your custom variable values into a single token added to the survey link as ?sv=. Respondents cannot read or change the values, and any attempt to tamper with the token stops the survey loading. Use them when the data you pass in is sensitive or must not be altered, such as an account ID, a salary band, or an entitlement flag.

Standard custom variable link — values are visible and editable:

https://www.smartsurvey.com/s/surveyname/?CustomerID=12345&Region=North

Secure variable link — the same values, encrypted into one token:

https://www.smartsurvey.com/s/surveyname/?sv=Q8x2k...

How secure variable links work

  • Your survey has its own encryption secret, a 16-byte key shown as 32 hex characters
  • Your values are packaged as JSON and encrypted with AES-128-GCM using that secret
  • The result is encoded into the ?sv= token; SmartSurvey decrypts it when the respondent opens the link
  • If the token is changed in any way, decryption fails and the survey does not load

Secure variable links work alongside your existing custom variables. You define the variables in the normal way, then choose to deliver their values securely.

Before you start

  • Secure variable links are a paid plan feature. If your plan does not include them, you will see an upgrade prompt when you try to enable them
  • Define your custom variables first on the Custom Variables page. See Custom variables guide.

Enable secure variable links

  1. Go to My Surveys and select Build on your survey
  2. Select Custom Variables in the left-hand menu
  3. In the Secure Variable Links section, select Enable Secure Variable Links
  4. An encryption secret is generated automatically, you can view or change it later

Generate a single secure link

  1. On the Secure Variable Links section, open the Generate Links tab
  2. Choose the web link to base the secure link on
  3. Enter a value for each variable; required variables must be filled in
  4. Select Generate link
  5. Copy the link, or select Open to preview it

Generate secure links in bulk

  1. Open the Generate Links tab and switch to Bulk
  2. Paste or upload your data as CSV or TSV, with one column per variable name and one row per respondent
  3. Select Generate links
  4. Review the results, each row shows either a link or a reason it could not be generated
  5. Copy all links, or download them as a CSV to use in your mail merge or system

You can generate up to 1,000 links at a time. Required variables must have a value in every row.

Integrate with your own systems

If you generate links from your own application, the Developer tab provides ready-made encryption code for JavaScript, Python, C#, and PHP. To make the samples easy to reuse, switch on Use this survey's variables in the example so the code already lists your variable names.

The token format is:

  • Cipher: AES-128-GCM
  • Key: your encryption secret (16 bytes, 32 hex characters)
  • Token: Base64URL of nonce + ciphertext + authentication tag, with padding removed
  • Plaintext: a JSON object of variable name and value pairs

Replace the placeholder secret in the sample with the value from the Encryption Secret tab, and keep that secret private.

Manage your encryption secret

Open the Encryption Secret tab to view or copy the secret, or to rotate it.

Rotating the secret generates a new key and breaks every link created with the old key. Only rotate it if you intend to stop the existing links working and issue new ones, for example if the secret may have been exposed.

Disable secure variable links

You can disable the feature at any time from the Secure Variable Links section. Disabling keeps the encryption secret stored, so any links you have already shared start working again if you re-enable the feature with the same secret.

Troubleshooting

  • The survey will not load from a secure link — the token may have been altered, truncated, or generated with a different secret. Generate a fresh link
  • A respondent sees a missing-value message — a required variable was not included in the values you encrypted. Add it and regenerate
  • Existing links stopped working — the encryption secret was rotated. Reissue links using the current secret

 

Related Guides

Was this guide helpful?

YES NO