This isn't related to the question you asked but if you're hard coding your user tokens into the code pages you might want to consider using this endpoint to get temporary user tokens instead:
https://developer.quickbase.com/operation/getTempTokenDBID. Any users with access to the app that your code page is part of can read the source and retrieve the token you used. Maybe that's not an issue in this use case if the token has the same or less access than all of the users of that application, but if it has more (or it's an access token created by a Quick Base admin user because those always grant access to application level and audit APIs) then those tokens can be used by someone to elevate their privilege. Even in the scenario where the token has the same or less access than users, if it has create/modify access then users could use the token to obfuscate their own actions within the application.
------------------------------
Nathan Hawe
------------------------------