Forum Discussion

BrianCafferelli's avatar
BrianCafferelli
Quickbase Staff
8 years ago

How can I add an approve or reject button to my email notifications?

How can I add an approve or reject button to my email notifications?



In a recent webinar, a customer asked how they might use an email notification to embed an "approve" and "reject" button such that when their client opened their email, they could make the selection right there in the email and the result would be to update the record and log the client's choice to include an audit trail of the person, the decision date and time.





You can do this with a simple Formula URL button and the following sample code:

URLRoot() & "db/" & Dbid() & "?act=API_EditRecord&apptoken=eqfdujiwskwidvd3jphn866p&_fid_97=Approved&rid=" & [Record ID] & "&rdr=" & URLEncode(URLRoot() & "db/" & Dbid() & "?act=dr&rid=" & [Record ID])

Where in this example the key field for this project is [Record ID] and the field that is being "Approved" is fid_97. (Update these to reflect your application)

When someone presses the "Approved" button it edits the record and changes the value of field 97 with "Approved" and then redirects to display the edited record.
  • DavidJung's avatar
    DavidJung
    Qrew Assistant Captain
    7 years ago
    I've been looking at doing this with a new app where I need the customer's approval. How secure is using an api token within a button like this? Now I realize I have a publicly posted token on a webform already. Can someone find the token, then use the API for anything else they want to do? Or should I create a user, role, & usertoken specifically for public submissions?
  • DavidJung's avatar
    DavidJung
    Qrew Assistant Captain
    7 years ago
    It's been so long. I need to think about this aloud, sorry. I think the apptoken is further managed access via the everyone on the internet role, if they aren't a logged in user, correct. So like the webform, it would be better to have eoti role set to add records only, than edit records. Or create a middleman php script, that is probably the best way. Sigh, at my limits of coding.