O'Reilly logo

QuickBase: The Missing Manual by Nancy Conner

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Enhancing an Application’s Security with Tokens

As Chapter 11 explains, QuickBase offers an API (application program interface) that lets developers create Web pages and programs that interact with QuickBase. This can be helpful if your organization wants to create a specialized program for interacting with its QuickBase applications, automate processes, or set up a central Web page for working with applications. But if you’re security-minded (and these days, who isn’t?), you want to make sure you allow only authorized API calls. (An API call is a programming function contained in a library. Programmers use API calls to interact with QuickBase for a specific purpose, such as to get a record, add or delete a field, change a user’s role, and so on.) To make sure that incoming API calls are legit, you can use tokens to beef up your application’s security.

A token is like a watchdog for your application, letting allowed API calls through but keeping the bad guys out. It's a string of characters that gets inserted into an API call. That string of characters has to match the token you’ve assigned to the application, or the call gets blocked. As the application’s manager, you decide whether the application requires tokens. Requiring tokens is a good idea simply for the added security it gives your data—this is especially important for applications that hold sensitive or confidential information, such as financial data or employee records. If an API call doesn't contain the token, it can’t ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required