Forum Discussion

JCY's avatar
JCY
Qrew Trainee
1 year ago

Secure link to a report

Secure links to reports are mentioned in the Quickbase documentation and multiple places on the Quickbase website, but I can't find a single example.

I understand how secure links can be made for forms and records and know there are examples of this in the Exchange. But there is no example of how to create secure links to reports.

I figure one way to do it is create a key generator field, then an ask the user report, and filter to records where the result equals the key value. But just wondering if anyone has any other, better ideas?

7 Replies

  • Well the table itself is open to EOTI subject to a Custom Permission rule.  So I think the concept is not really that the link to the Report is Secure, but the set of records which is returned meets the criteria of the Custom Rule.   So you need to come up with a strategy that the records themselves are "Secure".  

    So for example, let's say you had outside EOTI Vendors  and the report was a report of Open Purchase Orders.  Each PO knows the Vendor ID#, so you can make a Secure Link based on that Vendor ID# so that when you send a link to a report of the Open POs, that Vendor could not "hack" into other Vendor's Purchase Orders.

    • JCY's avatar
      JCY
      Qrew Trainee

      Thanks for the reply Mark.

      I thought about your example carefully and tried it out on my builder account. The part that is not adding up for me is:

      > but the set of records which is returned meets the criteria of the Custom Rule.

      I have tried many things but can't see any way to have a custom rule that evaluates the keys for individual records on a report page.

      Maybe I'm missing or misunderstanding something, but for example:

      I add EOTI access to an EOTI specific role, and their custom view permission is to only view records where the "Valid Key" formula field is checked. This works for viewing the specific record, but how that does work with reports? On the report page, the access key of each individual record could not be evaluated for the record to have anything to check and validate it against. I also tried to do it with report formulas, but no luck either.

      I suppose the only solution is to assign a secure link to records based on a common field, like your example, and create an ask the user report with the resulting secure key to filter... but I'm not sure. I wish Quickbase provided at least one example of this feature as applied to reports.

      • MarkShnier__You's avatar
        MarkShnier__You
        Icon for Qrew Legend rankQrew Legend

        Right, so like in my example (where all the records on the report where for the same [Vendor], the records on the report would have to have some value in common so that the secure link will work for all those records. Do the records on a report have something in common with each other?  

        Can you be a little more revealing about your actual use case so I can brainstorm with you. What is the report of in your real world?

  • JEK's avatar
    JEK
    Qrew Member

    I'm stuck on this too. I want to email a secure link to view a report, but in my case the report is not vendor specific (to keep with the above example). So the records in the report do not have anything in common with each other. 

  • @jek

    Is there any chance you could go into Grid Edit mode and Mass update a set of records with some numeric value all the same. Then you could construct a secure link that would work on all records that have that value. Or are the same records being sent out to multiple different recipients but organized on different reports?

    • Denin's avatar
      Denin
      Qrew Captain

      You don't have to mass update a set of records. What I did was create a formula and use the same SHA256() formula used to create the secure links, but in a Formula - Text with some common value or random generated string so it would be the same across all records. Then create an ask the user report and get the URL pointed to that with the "key" already filled out. That said, I don't feel like this is a great solution.

      Another option is maybe to create a table or new form and display a report, the report should display records if the secure link is read by the form as it normally would be. Also not the ideal solution, but one option to consider.

  • Hopefully this helps add to the discussion. I have a few use cases where we have an EOTI app with dashboards, reports, and other components. In those scenarios, the secure link is mainly used to narrow down the records, but it doesn’t interfere with any of the surrounding functionality.