Secure Chat in Amplify enables encrypted communication between Amplify users and external participants such as clients, customers, vendors, patients, or partners. Whether you are collaborating internally within Amplify or securely communicating with someone outside the platform, Secure Chat ensures conversations, files, and sensitive information remain protected.Documentation Index
Fetch the complete documentation index at: https://support.amplify.xyz/llms.txt
Use this file to discover all available pages before exploring further.
Secure Chat supports both internal encrypted communication and secure external communication through temporary access links.
How Secure Chat Works
Secure Chat supports two communication scenarios:- Amplify User ↔ Amplify User
- Amplify User ↔ Non-Amplify User
Secure Chat Between Amplify Users
This workflow is used when both participants already have Amplify accounts.
Features
- End-to-end encrypted messaging
- Secure file and document sharing
- Internal collaboration within Amplify
- Conversation logging and audit visibility
- Real-time communication
Common Use Cases
- Internal team communication
- Legal or finance collaboration
- Secure operational discussions
- Sharing confidential documents
Secure Chat Between an Amplify User and a Non-Amplify User
This workflow allows Amplify users to securely communicate with external participants through temporary secure access links.Example Scenarios
- A business user communicates with an external client
- A recruiter communicates with a candidate
- A legal team communicates with a vendor
- A support team communicates with a customer
External Secure Chat Workflow
Step 1: Start a Secure Chat
The Amplify user starts a secure conversation from within Amplify.Step 2: Secure Link Is Generated
Amplify automatically sends a secure access link to the external participant via SMS. The secure link:- Opens a secure chat portal
- Supports OTP verification
- Has configurable expiration
- Can be revoked anytime
- Can be extended when required
Step 3: Recipient Verifies Identity
The recipient opens the secure link and completes OTP verification.OTP verification helps ensure only the intended recipient can access the secure conversation.
Step 4: Secure Conversation Begins
Once verified, the external participant can:- Read secure messages
- Send replies
- Upload files and attachments
- Continue threaded conversations
- Export the secure thread
Secure Link Lifecycle
Secure links generated for non-Amplify users include status tracking, expiration controls, authentication logs, and access management.Amplify users can monitor link activity directly from the Logs and Info panels within Secure Chat.
Awaiting Access
The secure link has been generated but the recipient has not completed access verification.
Common Reasons
- Recipient has not opened the link
- OTP verification is pending
Active
During this state:- Messages can be exchanged
- Files can be uploaded
- Secure communication remains encrypted
- Activity logs continue tracking events
Expired
Important Notes
- Previous links stop working
- Access can be extended
- A new secure link can be generated
- Expiration helps reduce unauthorized long-term access
Revoked
Common Scenarios
- Access was granted accidentally
- Security policies require immediate removal
- The conversation no longer needs to remain accessible
- The existing link stops working immediately
- The external participant loses access
- Revocation activity is logged
Link Expiration Management
Amplify allows configurable expiration windows depending on organizational security requirements.Supported Expiration Durations
- 24 Hours
- 3 Days
- 7 Days
- Extend expiration windows
- Generate new secure links
- Revoke access anytime
OTP Verification
OTP verification adds an additional security layer before external users can access Secure Chat.
OTP Workflow
- Recipient clicks the secure link
- Amplify sends a verification code via SMS
- Recipient enters the OTP
- Access to Secure Chat is granted
What External Participants Can Do
Once authenticated, non-Amplify users can fully participate in the secure conversation.Supported Actions
- Read messages
- Reply securely
- Upload documents and attachments
- Continue conversations
- Export secure threads
- Access files securely
Logs and Audit Information
Amplify maintains detailed event tracking for all secure chat activity involving non-Amplify users.All access events, authentication activity, and link actions are recorded for auditing and operational visibility.
Logged Events Include
- Secure link generation
- SMS notification delivery
- OTP verification
- Access activity
- Link expiration
- Revocation activity
- Export actions
- Authentication details
Encryption and Security
Secure Chat is designed to support secure communication workflows across industries including healthcare, legal, finance, recruiting, customer support, and enterprise operations.
Security Features
- End-to-end encrypted messaging
- OTP-protected external access
- Expiring secure links
- Manual link revocation
- Encrypted file sharing
- Audit logging
- Secure document exchange
Managing Secure Chats
Amplify users can manage secure conversations directly from the chat interface.Available Controls
- Start secure conversations
- Send encrypted messages
- Upload files
- Monitor access status
- Extend expiration windows
- Revoke secure links
- Review logs and activity
- Monitor authentication details
- Current link status
- Expiration information
- OTP verification activity
- Encryption details
- Consent records
- Access history
Best Practices
Use Shorter Expiration Windows for Sensitive Conversations
Shorter access durations reduce long-term exposure risk.Revoke Links When No Longer Needed
Immediately removing access helps maintain tighter security controls.Verify Recipient Contact Information
Ensure the correct phone number is used before sending secure links.Monitor Logs Regularly
Review activity logs for compliance and operational oversight.FAQs
Do non-Amplify users need an Amplify account?
Do non-Amplify users need an Amplify account?
No. External participants can access Secure Chat through a secure link and OTP verification without creating an Amplify account.
How are secure links delivered?
How are secure links delivered?
Secure links are typically delivered through SMS to the recipient’s phone number.
Can secure links expire?
Can secure links expire?
Yes. Secure links support configurable expiration periods such as 24 hours, 3 days, or 7 days.
Can a secure link be revoked?
Can a secure link be revoked?
Yes. Amplify users can revoke secure links at any time.
What happens when a link expires?
What happens when a link expires?
The recipient loses access to the secure conversation until a new link is generated or access is extended.
What happens when a link is revoked?
What happens when a link is revoked?
The secure chat link immediately becomes inaccessible and the recipient can no longer access the conversation.
Are conversations encrypted?
Are conversations encrypted?
Yes. Messages and attachments remain encrypted throughout the communication lifecycle.
Can external users upload files?
Can external users upload files?
Yes. External participants can upload documents and attachments through the secure chat portal.
Can external users export conversation threads?
Can external users export conversation threads?
Yes. Non-Amplify users can export secure chat threads from their side.
Is OTP verification required?
Is OTP verification required?
Yes. External users must complete OTP verification before accessing Secure Chat.
Are secure chat activities logged?
Are secure chat activities logged?
Yes. Amplify records authentication activity, link actions, expiration states, revocations, and access events for auditing and compliance.