Zero-login attestation

In DefenceFile workflow language, a zero-login attestation is a scoped external response flow where an associated person can answer a request without receiving internal workspace access.

Source baseline: 2026-06-15

Plain-language use

The workflow should keep raw bearer tokens out of audit rows and exports while preserving the response status and evidence lineage.

Safe use: Use for external evidence-collection workflow; do not treat a response as final legal classification.

Official sources

Home Office failure-to-prevent-fraud guidance v1.5
Updated 2025-10-10; accessed 2026-06-15.
SFO compliance-programme evaluation guidance
Published 2025-11-26; accessed 2026-06-15.

Related ECCTA pages

Guidance tracker ECCTA readiness guide Evidence register guide