Using EOTI to Authenticate Users in Forms:
Enabling EOTI (Everyone-on-the-Internet permissions) is an alternative option to Supplied Connection which enable anonymous (non-Quickbase) users to submit records using the Add Record URL. Here are the recommended steps:
Enable your EOTI Role in the target app, and use these settings for the functionality you want for your digitized form.
Everyone on the Internet (EOTI) permissions need to be turned on so that anonymous users can Add records to the app and target table(s).
If you want them to get a copy of their pdf and to be able to save a copy of the generated pdf, then EOTI needs to be set so anonymous users can View All records in the target table.
If you want to save a pdf copy of anonymously-submitted forms in Quickbase, then EOTI needs to be able to Modify All records in the target table.
To protect against the exposure of other anonymous user having access to View or Edit the records in your target tables, we recommend you set up this Timeout function in your target tables. This will only make a target table record viewable and modifiable for 1 min. after it is created, providing the Form Engine enough time to generate and save the pdf of a form into your Quickbase record, and also allow your form completer to print a pdf if they want one. After 1 minute, the formula removes the View and Modify to anonymous users (in the EOTI Role).:
Create a Formula - Checkbox field in your target table(s) with formula like this:
In your EOTI Role Permissions, set permissions access like this:
Make the Custom Rules for both View and Modify this:
It is also best, if you are not going to have anonymous users submitting forms, to have the EOTI role set to None or removed completely. If the EOTI role has only some of the permissions needed for anonymous users to submit a Form Engine form, they will get this error when they try to submit the form (it will just fail to submit). So testing forms in Incognito mode is a good way to make sure any anonymous users will also be able to submit the form.
If EOTI is not enabled and you expect only users in your target Quickbase app to submit records, then the Form Engine will prompt users one time for their Quickbase credentials for the realm, before allowing them to complete and submit the form.
Important notes about EOTI use: When EOTI is enabled and its role is given permissions in Quickbase, that automatically grants all roles in the app the EOTI permissions in addition to the permissions in each role. Ex: if a named role can only view their own records but EOTI is set to View All records, then that named role will now be able to view all records. Since Quickbase works on this “least restrictive of the 2 roles” basis, be very careful what cumulative permissions you grant to roles in an app using the EOTI role.