How can I add an approve or reject button to my email notifications?

I've been looking at doing this with a new app where I need the customer's approval. How secure is using an api token within a button like this? Now I realize I have a publicly posted token on a webform already. Can someone find the token, then use the API for anything else they want to do? Or should I create a user, role, & usertoken specifically for public submissions?