JohanSilva
Correct, this is by design. We do not add the typical Authentication Token to Ticket links when collaborators are added to the response. Reason being is a collaborator could then use that link to impersonate the ticket owner. Since there is only one email generated with the ticket owner as the To header and the collaborators as the CC header there is no way to selectively generate different links.
The way the Ticket owner or CC could use the portal at that stage (if they don’t have an account) is for them to click the Check Ticket Status button on the Client Portal Landing Page to provide their email address and Ticket Number to view the Ticket.
Please note, it's highly recommended that you have the Admin Panel > Settings > Users > Client Quick Access setting enabled so attackers can't use a person's email address and just guess random Ticket Numbers to gain unwarranted access. When you have the setting enabled and the User or CC inputs their email address and Ticket Number the system will send them an email with the authentication token to view the Ticket as normal. When you have the setting disabled and the User or CC inputs their email address and Ticket Number the system will just let them view the Ticket without further verification. As mentioned above this can be dangerous and could lead to unwarranted access.
Another idea is to add the %{ticket.thread.complete} (or %{ticket.thread.complete.reversed}) variable within the Response/Reply Template (under Admin Panel > Emails > Templates > click your desired Template Set) which will include the full Ticket Thread correspondence in each response so they don't really need to go to the portal.
Cheers.
