You should not generate the initialization vector from the secret key. The initialization vector must be unpredictable for a given message; if you generated it from the key (or the password used to generate the key), the IV will always be the same, which defeats its purpose.
However, the IV does not need to be secret. It is very common to send it with the ciphertext, unprotected. Including the IV in the URL is much simpler than trying to track the IV for a given link in some state on the server side.
Salt and IV have different applications, but they act in a similar way.
Cryptographic "salt" is used in password-based key derivation algorithms; storing a hashed password for authentication is a special case of this function. The salt causes the same password to give different hashes and thwarts "dictionary attacks", in which the hacker pre-calculates the hash values for common passwords and creates a "reverse lookup" index so that they can quickly find the password for a given hash. Like the IV, the salt used is not a secret.
The initialization vector is used with block ciphers like DES and AES in a feedback mode, for example, CBC. Each block is combined with the next block when it is encrypted. For example, in CBC, the previous block's ciphertext is XOR-ed with the plaintext of the current block before encryption. The IV is randomly generated to serve as a dummy starting block to bootstrap the process.
Since a different IV is (or at least should be) selected for each message, when the same message is encrypted with the same key, the resulting ciphertext is different. In this sense, the IV is very similar to a salt. A cryptographic random generator is usually the simplest and most reliable source of a salt or an IV, so they have that similarity as well.
Cryptography is very easy to mess up. If you are unsure of what you are doing, you should consider the value of the information you are protecting and budget accordingly to get the training or advice you need.
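The points above as an added Node.js example, not code from the original answer: a key-derived IV yields the same ciphertext every time, while a random IV carried in the clear inside a URL-safe token does not, and a salt does the same job for password hashing. The function names, the demo key, the sample payload and the PBKDF2 iteration count are assumptions chosen for illustration.

```javascript
const nodeCrypto = require('node:crypto');

// Constructed demo key; in practice it comes from a KDF or a key store.
const KEY = nodeCrypto.createHash('sha256').update('constructed demo key').digest();

function cbcEncrypt(key, iv, plaintext) {
  const c = nodeCrypto.createCipheriv('aes-256-cbc', key, iv);
  return Buffer.concat([c.update(plaintext, 'utf8'), c.final()]);
}

// Weak: the IV is derived from the key, so it is identical for every message.
function encryptWithKeyDerivedIv(key, plaintext) {
  const iv = nodeCrypto.createHash('sha256').update(key).digest().subarray(0, 16);
  return cbcEncrypt(key, iv, plaintext).toString('base64url');
}

// Corrected: fresh random IV per message, sent unprotected in front of the ciphertext.
function encryptToUrlToken(key, plaintext) {
  const iv = nodeCrypto.randomBytes(16);
  return Buffer.concat([iv, cbcEncrypt(key, iv, plaintext)]).toString('base64url');
}

function decryptUrlToken(key, token) {
  const raw = Buffer.from(token, 'base64url');
  if (raw.length < 32 || raw.length % 16 !== 0) throw new Error('malformed token');
  const d = nodeCrypto.createDecipheriv('aes-256-cbc', key, raw.subarray(0, 16));
  return Buffer.concat([d.update(raw.subarray(16)), d.final()]).toString('utf8');
}

// Salt plays the same role for password hashing: random, stored in the clear.
function hashPassword(password, salt = nodeCrypto.randomBytes(16)) {
  const hash = nodeCrypto.pbkdf2Sync(password, salt, 100000, 32, 'sha256');
  return { salt: salt.toString('hex'), hash: hash.toString('hex') };
}

const msg = 'user=42&action=reset'; // constructed sample payload
console.log('key-derived IV:', encryptWithKeyDerivedIv(KEY, msg), encryptWithKeyDerivedIv(KEY, msg));
console.log('random IV:     ', encryptToUrlToken(KEY, msg), encryptToUrlToken(KEY, msg));
console.log('round trip:    ', decryptUrlToken(KEY, encryptToUrlToken(KEY, msg)));
```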