Enabling Link Sharing in Booking.com for Partners Extranet Messages: A Step-by-Step Guide
Guest communication is one of the cornerstones of successful accommodation management. In recent years, Booking.com has significantly strengthened the security of its messaging system to protect both properties and guests from fraud and phishing attempts. As a result, external links can no longer be sent freely by default and must be explicitly approved in the Extranet.
In this guide, you’ll learn what this change means, why it matters, and how to correctly enable link sharing from the Booking.com for Partners Extranet. At the end of the article, you’ll also find a dedicated section explaining how to add the macufy.com domain, ensuring guests receive the online check-in link without any issues.
Why does Booking.com block links in messages?
Booking.com has introduced advanced security controls in its internal messaging system to reduce the risk of phishing attacks, which often rely on fake links to trick guests into sharing personal data or making fraudulent payments.
As a result of these security measures:
External links that are not approved are automatically removed.
In some cases, the entire message may not be delivered.
Guests may see placeholders such as “[link removed]”.
Automated messages containing links (check-in, payment, guides) may fail entirely.
This makes it essential for accommodation providers to configure approved links correctly.
What are “approved links” in Booking.com for Partners?
Within the Extranet, Booking.com offers a specific setting that allows partners to define which domains are authorised to be sent to guests through the messaging platform.
Important points to note:
You approve domains only, not full URLs.
For example, you add
example.com, nothttps://example.com/checkin.Any links using non-approved domains will be filtered out.
This system allows you to safely share:
Online check-in links
Arrival instructions
External payment pages
Digital guest guides
All while maintaining a secure messaging environment.
Prerequisites before enabling links
Before you start, make sure the following conditions are met:
Administrator access
Only users with administrator permissions can change messaging security settings in the Extranet.Two-factor authentication (2FA)
Booking.com requires two-factor authentication before accessing security-related settings.A clear list of domains you use
Identify the tools and platforms your property relies on (check-in systems, payment solutions, etc.) so you only approve the domains you actually need.
Exact path to enable link sharing in the Extranet
To configure approved links, follow this exact navigation path in the Booking.com Extranet:
Property → Messaging preferences → Security settings → Your approved links
This is the official and current location of the setting within the platform.
Step-by-step guide to adding approved links
1. Log in to the Booking.com Extranet
Go to https://admin.booking.com and sign in using your usual credentials.
2. Select the correct property
If you manage multiple accommodations, ensure you have selected the correct one before proceeding.
3. Open “Messaging preferences”
From the main menu, click Property, then select Messaging preferences.
4. Access “Security settings”
Within Messaging preferences, open Security settings.
If prompted, complete two-factor authentication.
5. Find “Your approved links”
In this section, you will see:
A list of already approved domains (if any)
An option labelled “Add a link”
6. Add the domain
Enter only the domain, without protocols, paths, or parameters:
✅ Correct:
example.com
❌ Incorrect:
https://example.com/checkin?booking=123
Save the changes once the domain has been added.
7. Apply to all properties (optional)
If you manage multiple properties under the same account, Booking.com allows you to apply the settings to all properties at once, saving time and avoiding mistakes.
Common mistakes to avoid
To ensure links work correctly, avoid these frequent errors:
Adding full URLs instead of just the domain
Forgetting to save or apply changes
Leaving the option “Block all links” enabled
Not testing messages after configuration
Forgetting to add both
wwwand non-wwwversions if applicable
What happens if you don’t enable approved links?
If approved links are not configured:
Online check-in links may never reach the guest
Messages may be partially or fully blocked
Manual communication increases operational workload
The guest experience may suffer before arrival
For properties using automated systems, this configuration is critical.
How to add macufy.com to send online check-in links
If you use Macufy for online check-in, you must authorise its domain so Booking.com allows the link to reach guests.
Domain to add
In the “Your approved links” field, enter:
macufy.com
Do not include https://, subpaths, or query parameters.
Where exactly to add it
Follow this path in the Extranet:
Property → Messaging preferences → Security settings → Your approved links
Click Add a link, enter macufy.com, and save the changes.
Once added:
Guests will receive the online check-in link correctly
Messages will no longer display “[link removed]”
Communication remains compliant with Booking.com’s security requirements
This process matches Booking.com’s recommended setup for check-in, payment, and automation providers.
Additional best practices
Review approved links periodically
Remove domains you no longer use
Apply settings to all properties where relevant
Send a test message to confirm delivery
Keep internal documentation of authorised domains
Conclusion
Enabling link sharing in the Booking.com for Partners Extranet is no longer optional—it is a mandatory step for maintaining effective and secure guest communication. The approved links system protects guests from fraud while giving properties the flexibility to use external tools.
By following this step-by-step guide and adding domains such as macufy.com, you ensure that online check-in links and other essential resources reach guests seamlessly, improving both operational efficiency and the overall guest experience.