Need a formula on the original app that constructs a url to an eoti app to a specific record id and field using secure links
App A has a field that constructs a url to the eoti app to include in emails
Email is sent to eoti user with link that allows them access to one document and auto downloads it
Qrew LegendWell, you would just append your URL with &AccessKey= followed by the formula for the Access Key.
Is your application with the single document set up for secure links? Do you have that Permission setup in place and have you invited every on the internet to the target app with a custom rule to view?
Typically, you would use their suggested formula like SHA256 ([Record ID#] on your documents table, and that would be the code for the secure link. So you would simply view that field on the record on the target table and it will have this very long character string which you would copy and paste into your URL that you are emailing emailing.
Feel free to post back if you still have questions about secure links. At first, it took me a while to "get it" as to how they work.
Note also that secure links only guaranteed to work on new style forms. You might be able to get away with viewing on an old form, but not editing.
https://help.quickbase.com/docs/secure-links
https://help.quickbase.com/docs/what-you-can-access-with-secure-links
I could have given more details.....
The EOTI app has a documents table and a link is sent via notification from the main app to that table. I updated the EOTI app to have view permissions for only the file attachment field.
Can the secure link exist in the main app but allow access to a table in the EOTI app?
Qrew LegendBefore I answer your question, maybe there is a much simpler way. If you go to the field properties for the target table that has the file attachment and check the checkbox to allow users to view the file attachment without logging in, then you can use this simple formula
URLRoot() & "up/" & "xxxxxx(table ID on the target table)"& "/a/r" & "record id on the target table" & "/e99/v0"
replace the 99 with the field ID of the file attachment field.
If we want the link to look a little more obscure without the record ID being exposed to the user in the URL, like if you are afraid that they will guess their way into other records on the table, then you can use this alternate format.
URLRoot() & "up/" & "xxxxxx(table ID on the target table)" &r=" & QB32Encode([Record ID#]) & "/e99/v0" ;
If you really do need secure links for that added level of security, then let me know, and we can carry on that discussion, but this may be good enough for your needs, depending on the level confidentiality of the document, and whether or not, you are worried about users, guessing their way into other records on your table
var text accesskey = SHA256(([Record ID#]) & ToUnixTime([Date Created]));
"https://dish.quickbase.com/nav/app/bud2fjk9n/table/bujzbxjuk/action/q?qid=5"&$accesskey
Do I put the get access key formula url on each record in the report of documents?
Qrew LegendAre you trying to provide a link to a single record or to all records on a report? The URL provided was for report number 5. I thought you wanted to give access to a single record. That would be much easier.
that's part of the issue, we want them to see all the documents in the eoti table. I've already created a link that just does the download but that would mean multiple additional notifications
Plus we may have a person that needs to see more than one document
a report of records
Qrew LegendWell, here's the challenge. The typical use of secure links is that you include the Access Key parameter as "&AccessKey=1234xxxxxxxxxxxxxxxxxx that must appear somewhere in the URL on top of the screen you are sitting on.
The GetAccessKey() function looks at the URL and calculates that to be
1234xxxxxxxxxxxxxxxxxx
Then typically you have a custom permission rule that compares the access key that it sees in the URL at the top of the page with a calculated access key based on that SHA256 formula, and you make a formula that says if those match then the users is allowed to view the record.
If you want to send the user to our report where all records on that report are going to be valid for the user than somehow the access key, which is at the top of the screen needs to match the calculated access key on each record.
You seem to have a situation where different EOTI type participants are allowed to see different records.
If you were sending individual links to individual records, then it would be easy because you could just copy and paste the extended URL on the target table, which includes the access key into the link that you send the user.
But if you want to send them to a report, then that means the access key free recorder has to match the access key that you provide at the top of the screen and the URL.
.
