propform.ioHilfe

Deutsch English Italiano Español Français
🚀 Getting started
Overview Quick start videos Getting started
🔌 Connect to onOffice
Activate & access the Marketplace Set up API users (creation, permissions, tokens, email)
⚙️ Account settings
Account settings
📋 Forms
Create form Form settings Auto-Submit & Conditional Routing PDF creation Template Gallery & Quick-Start Patterns Search profiles (search criteria)
🧱 Fields
Fields — all types & options Special field types (range slider, autocomplete) Terms, rules & calculations Download fields AI features (voice input, auto-fill, ChatGPT)
🎨 Design & Branding
Logo, colours, iFrame, mobile
🔄 Pre-filling & Data Records
Pre-fill & load records Merging multiple records (buyer/owner)
📨 Email in Propform
Email options & recipient logic
📊 Tracking & Webhooks
Tracking (GTM, Pixel, Etracker) Webhooks
🔒 Data Protection
Data protection & data minimisation Form Protection & Access Control
📚 Reference
Macros (Propform & onOffice) Emojis & symbols for onOffice Overview of URL parameters
❓ Frequently asked questions
Overview My form isn't saving any data Fields are not displayed Email not arriving File upload fails UUID autofill isn't working The form is not displaying correctly Values are not passed to the PDF Spam protection & bot defence Multilingual forms Tracking in an embedded form (iFrame) Link multiple buyers/owners Filters per form (record limit) Duplicate a property when re-marketing it Recalculate formula fields in onOffice Address record with this UUID not found Form has expired / Session has expired
🤝 Consultant workflow
Resellers, sub-accounts, newsletter feeds
🆘 Help & Advice
Support & Consultants
📰 What's new?
Updates & News
Back to propform.io

Filters per form — Restricting access to records

For forms that load or edit address or property records (e.g. “Edit address”, “Edit property”, “Add data”), a user could theoretically access any records that the API user is permitted to view in onOffice by manipulating the UUID parameter in the URL. The filter per form restricts this.

When is this important?

Critical for publicly accessible forms that modify records:

  • Tenant self-disclosure form that updates an address record
  • Property handover form that writes to a property
  • Feedback forms to owners/buyers
  • Data correction forms via email link

Without a filter, anyone with the correct URL structure (?address[ID]=<UUID>) could load any record within the API user’s account view — even if they have nothing to do with it.

Setup

1. Create a filter in onOffice

Filters are a standard onOffice feature: Addresses / Properties module → Filter management → New filter.

Example filters:

  • “Active properties only” (Status = active)
  • “Search profiles from region X only”
  • “Addresses with contact type = Tenant only”
  • “Only status > 5” (for marketing readiness)

2. Activate the filter in the propform form

In the Form Editor → Address or Property fields → Filter settings → select the onOffice filter from the dropdown.

3. Effect

The form can now only load/edit records that are within the filter. If someone attempts to access a UUID outside the filter → the form rejects the request.

Best Practices

  • Make filters as narrow as possible: Only records that the specific form is actually intended to process
  • A separate filter per form: Different forms often require different restrictions
  • Check filters regularly: If new records are to be automatically added to the filter, the filter conditions must be dynamic accordingly
  • Testing: Try to access the form using a UUID outside the filter — it should be rejected

Combination with other protection mechanisms

A filter per form is a data protection layer, not access protection for the form itself. Additionally:

  • IP whitelist — who is permitted to access the form at all
  • Form password — access only with a password
  • Form key via URL parameter — dynamic token protection

More on this in the Form Protection Documentation.

Related