on this link.)

topic for app tokens.

Optionally, you can create an app token directly from the call API_CreateDatabase if you used the createapptoken parameter. However, this can only be done at application creation time.

If some user uses someone elses application token, and there is a complaint about this being unauthorized, the offending user will have access rights removed and the application token will be revoked.

The following calls use a ticket only, no application token:

Login to QuickBase is provided through the API_Authenticate call, which returns a ticket and a ticket cookie. Just like a regular QuickBase login through the UI, the ticket by itself does not convey access to any applications. The application owner needs to assign an access role to the user first. (In addition to the ticket, your app needs an app token.)

After creating your application, tables and fields, and before inviting users to your application, you need to figure out what your system of roles should look like: what tables or fields should be accessed by which role, and what degree of access. All of this is done within Intuit QuickBase directly. The online help can lead you through the process.

If the user is an existing QuickBase user:

You can use API_UserRoles to get all the users that are in roles for your application, along with all of the roles for each user.

In order for someone to use a QuickBase application accessed through the API, they will need to be assigned a role within that QuickBase application by the application administrator. The roles are set up in QuickBase to provide varying kinds of access.

API_ProvisionUser .)