Thanks. I figured out the JS piece above. I just prepended the base URL onto /db like this:
"javascript:if(confirm ('Are you sure you want to delete this record?')){location.assign( 'https://company.quickbase.com/db/"; & Dbid() & "?act=API_DeleteRecord&apptoken=xxxxxxxx&rid=" & [Record ID#]& "&rdr=" & URLEncode(�WEBSITE TO REDIRECT TO�) & "')}"I didn't assign a user token, since the report is public (or set to Everyone On The Internet). I need to do more reading up the link you had sent over, since I don't fully understand the difference between the different tokens and tickets.
In the event that I restrict it and I choose to use an API_DeleteRecord, what is the best method to fire the delete record. For example, do I just hardcode the link (
https://company.quickbase.com/db/xxxx?a=API_DeleteRecord&rid=13&rdr=WEBSITETOREDIRECTTO), which achieves the same as the JS above, or to Avi's point, would I use like a PHP POST to hide the apptoken?
