praetorian-inc / chariot-ui

Chariot Offensive Security Platform
https://preview.chariot.praetorian.com
MIT License

Add current account information into our URLs #96

Open treburn opened 1 week ago

treburn commented 1 week ago

Feature Description: Add account information into our URLs

Problem: If a customer has multiple tenants, sharing a link to a risk will not necessarily take them to the right tenant to view the risk

Preferred Solution: Add tenant information to the URL so that the link will take them to the right tenant to view the risk

storbeck commented 1 week ago

We've had some internal discussions around this and we are stuck on one issue.

When impersonating into an account, this is a straightforward thing to add. We can simply add a ?a=email@domain.com to the URL. Then we can sniff this out and do the auto-impersonation. This is an easy add.

The issue that we've run into is this use case:

  1. As a single user, I log into my account.
  2. I identify a risk that I want to share with my friend.
  3. I copy and paste the URL to them, assuming they have access into my account.

The issue with this approach is that we did not start with an impersonation, and so ?a= would not be in the address.

I think this may be a valid and common occurrence, which is what's prevented us from implementing the above solution, as it's not going to cover a major use case.

We could always add ?a=email@domain.com automatically regardless, which is a simple solution, but I'm not sure how well this will be received.

storbeck commented 1 week ago

One other solution that we are discussing; however, it seems hacky to me.

We could encode the email in some simple way, treating it like a project id. /app/assets -> /email@domain.com/assets -> /{some-uuid-translation}/assets
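The path-based variant above (/app/assets -> /{opaque-id}/assets), sketched as an added example that is not chariot-ui code: the link carries an opaque id rather than the email, and the receiving side only honours ids that map to an account the signed-in user can actually access, falling back to the default tenant otherwise. The account map, emails and ids are constructed for illustration.

```javascript
// Added example, not code from the chariot-ui repository.
// Constructed lookup of opaque ids -> accounts the signed-in user may switch to.
// In a real app this comes from the backend for the current user, never from the link.
const ACCOUNTS_BY_ID = new Map([
  ['3f1c2b7e-0d4a-4b8e-9a6f-1e2d3c4b5a60', 'alice@example.com'],
  ['9b8a7c6d-5e4f-4a3b-8c2d-1f0e9d8c7b6a', 'bob@example.com'],
]);

// Reverse map so a link can be built from the account currently being viewed.
const IDS_BY_ACCOUNT = new Map(
  [...ACCOUNTS_BY_ID].map(([id, email]) => [email, id]),
);

// Build a shareable link: /app/assets?risk=x -> /{id}/assets?risk=x.
// The email never enters the URL, so browser history, referrers and access
// logs only ever record the opaque id.
function buildShareUrl(appUrl, accountEmail) {
  const id = IDS_BY_ACCOUNT.get(accountEmail);
  if (!id) throw new Error('unknown account');
  const url = new URL(appUrl);
  // Swap only the leading "/app" segment for the opaque account id.
  url.pathname = url.pathname.replace(/^\/app(?=\/|$)/, `/${id}`);
  return url.toString();
}

// Resolve an incoming link. Returns { account, appPath } when the id is one
// the current user can access, or null so the caller keeps the default tenant
// instead of auto-impersonating on an arbitrary id pasted into a link.
function resolveShareUrl(sharedUrl) {
  const url = new URL(sharedUrl);
  const [, first, ...rest] = url.pathname.split('/');
  const account = ACCOUNTS_BY_ID.get(first);
  if (!account) return null;
  const tail = rest.length ? `/${rest.join('/')}` : '';
  return { account, appPath: `/app${tail}${url.search}` };
}
```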