Articles of interest to QuickBase folks
How to Use Tickets: Tickets vs. Username and Password
If a user is accessing a QuickBase application through a web browser, once the call to API_Authenticate has been made successfully, the ticket cookie will be used automatically: there is no need to explicitly supply the ticket value as returned in the XML.
If your implementation isnt through a web browser or you cant use the cookie, you can supply the ticket value explicitly between the <ticket></ticket> tags as we show in our samples. What you should not do is hardcode the username and password parameter (and their values) in your request, even if it is over https.