ContributionsMost RecentMost LikesSolutionsTarget Group and "Only Group's Records"Hello! I have permissions in my app set up in such a way that it will only show records that belong to the "Target Group" of a user. There is relatively little documentation on this feature, and I was wondering if anyone could shed some light on how it works, because it does work for my needs, but I have no idea how exactly it is working... My guess is that when a person makes a record while in the group, that record is "assigned" to the group he is under. Then, if the user is moved out, and if other users are added to the group that has access to that record, they can all see and modify it even though the original creator is no longer present. Am I thinking along the right track here? Is there more to it? Just looking for some possible clarification! Thank you! ------------------------------ - Sterling Long! ------------------------------ API Call to add to target groupHey guys! I am trying to automate adding a user to a target group but I can't seem to find a lot of documentation on this. Is there an existing API to make this happen? Thanks for your help! ------------------------------ - Sterling Long! ------------------------------ Re: Webhook URL endpoint using field valueK, again, thanks for all your help Mark! I really do appreciate it =) The constants idea works beautifully. ------------------------------ - Sterling Long! ------------------------------ Re: Webhook URL endpoint using field valueOk, I'll start by saying I should not have mentioned the https thing, it's simply a requirement by QB Webhooks that I found a little annoying. Not super important. The bigger issue is to follow, let me see if I can give a better example. With some pictures. Alright so if I do this: And type out the URL completely, then the webhook works perfectly and can ping google. Google is an example here. If I do this (Using the constant that you helped me make Mark), pulled in from another table: Where the contents of [TestURL] are www.googe.com/ I end up with this error from the webhook: Quickbase URL encoded the field. Which I can understand being necessary in the body, and necessary in URL parameters. I hope this makes more sense of my problem, sorry I was too vague before. I've been thinking about this for a while so I just kind of assumed it would be easy enough to understand. The URL encoding seems to happen automatically. There is no code here, no javascript, etc. Just me trying to use a field and its contents as a URL. Which seems to go against intended purposes. Using a field as a URL isn't necessary. It simply allows me to ensure that all the URLs are the same by using that one field, and if the endpoint URL ever changes, I just have to change it in my constant... It makes upkeep much simpler. All the thing are simpler with this. Let me know your thoughts, and if anything doesn't make sense let me know. I should note that it does this when the field is both type text and URL. That has no effect. The URL encoding still happens in the same way. ------------------------------ - Sterling Long! ------------------------------ Webhook URL endpoint using field valueAlright, so I have run into an issue using a text field with a URL in the URL endpoint of a webhook. For 1, the webhook requires an https:// at the beginning, which is fine, I understand that, but what if the field's text has that there? For 2, the text in the field is URL encoded before it is placed into the URL, which causes some major havoc and breakage when the URL is called. So my question: How can I stop this? =D I don't want to share my specific URL with anyone for privacy reasons, but it is feasible to test this with any URL as a text field in the table, then simply pass that field's value to the URL in the webhook. Let me know your thoughts! Thank you! Also, if it's Mark who responds to this, a double thank you to that man, and a Merry Christmas. ------------------------------ - Sterling Long! ------------------------------ Re: Using an app variable in webhookWhy didn't I think of that. Thank you very much Mark! As a further question, I have implemented this idea, however I still have one more issue. For some reason, the Webhook encodes the text of my URL when I put it in as a field in the endpoint URL. Do you have any idea how to make it not do this? Or any idea how to avoid it? My searches have been in vain thus far. Thanks for your help! ------------------------------ - Sterling Long! ------------------------------ Re: Using an app variable in webhookIs it possible to have multiple variables in that Global Variables table? From your description it doesn't sound like I can, due to it being a relation. So, I'm assuming 1 table per constant. Is that correct? ------------------------------ - Sterling Long! ------------------------------ Using an app variable in webhookHey all! As a programmer, I love it when I can define a constant that I can use everywhere. That way I only change one thing when/if that thing changes. App variables are these beautiful constants. However, I can not find a way to use app variables in a webhook, which feels like an oversight to me. Currently, I am trying to use an app variable in the URL of the webhook. First off, it's a little annoying because the webhook URL must start with https://, second, it's annoying because I can't use app variables here. As far as I know. I tried creating a field that was just the app constant, because I do have access to fields and their values in a webhook, but it altered the slashes and turned them into % things that the URL didn't know how to handle. So, how can I use an app variable in a webhook? Or is there some other way to have a constant? It would be even better actually if I could share it between apps. =) Thanks for the help! ------------------------------ - Sterling Long! ------------------------------ Re: Application Token Not Working?I'm a goof, I just read this: Authenticating with a user token: If you authenticate yourself to Quick Base with a user token, no application token is needed, even if one is assigned to the app you're accessing. The user token can be assigned to one or more apps, and provides built-in security that ticket authentication does not. However, user tokens are not allowed for all API calls. My question then is how do I stop my users from just making a User Token and getting access to the information I don't want them to have? Normally, I would use roles. But I was steered away from doing that by a few QuickBase gurus. So I thought of hiding the table and blocking API access. But apparently that won't work either. What other options do I have? ------------------------------ Sterling Long ------------------------------ Application Token Not Working?Hey guys! My app has the "Require Application Tokens" field checked to true, however, I do not need an app token to use the QB API and pull data from it. I would really like to create a more secure environment here and block users from viewing all of the data in certain tables, but I still want to give them read access to those tables so that the app can continue to function for them, only pulling in the data that they need from those hidden tables. The only issue is that users could still get access to this hidden, and valuable, information using the QB API, and despite my attempts, I can't seem to block the API from pulling information from the hidden table. The app token doesn't seem to function here. I am using a User Token to make the request. Is there something special about having a user token that makes me not need an app token? If that is the case, how do I block people from using the API on tables they should not be able to see? ------------------------------ - Sterling Long! ------------------------------