Block redirect link requests with invalid authentication hashes for SMS now being enforced

Authentication Hash in SMS Links

In the 25A release, Oracle introduced the addition of the authentication hash parameter for your redirect links in SMS. With 25B, this is now being enforced. 

• Enhanced redirect link authentication
• Improved security by blocking requests with invalid auth hashes
• Prevents redirect links from being altered externally
• Included authentication hash in SMS links
  • Added in links sent after 25A release
  • Enforced in 25B release

As a reminder, this functionality enhances redirect link authentication and prevents your redirect links from being altered externally.

Steps to Enable

You don't need to do anything to enable this feature.

Tips And Considerations

Redirect links in SMS sent after the 25A release automatically included the authentication hash parameter.

SMS redirect links will continue to work until Eloqua enforces the authentication hash parameter with the 25B release. This means that, any SMS sent prior to the 25A release and are in a recipient’s inbox that contain redirect links will be blocked starting with the 25B release.

Key Resources

• Eloqua Product Notice: Block Redirect Link Requests with Invalid Authentication Hashes [Updated for 2025]
• 25A Update: Block Redirect Link Requests with Invalid Authentication Hashes for SMS