“Stored Connection” is our term for the way the Form Engine now encrypts User Tokens and App Tokens, so those tokens can provide their functionality without needing to be displayed in a form’s URL any longer. This strengthens security for forms that handle sensitive data. It also improves and simplifies other functions. (Ex. it can enable “Add Record” versions of forms to automatically authenticate users without your Quickbase apps needing EOTI permissions).
The Form Engine will now prompt and require you as a builder to assign a Stored Connection to every new Form Engine form you build (a simple step for best functionality and security).
These new encrypted Stored Connections are built into the form-building workflow for new forms, but do not affect existing forms or their buttons/URLs unless you want to create new buttons/URLs for those forms. Any new URLs you create will have encrypted tokens. You should not need to create new form URLs for existing forms that currently use User Tokens unless you think you need to increase the security in those forms. (Form Engine forms have always been secure to Quickbase standards, and they will now be even more secure. Contact us with a support ticket with any questions).
When you apply a Stored Connection to forms, it will include either a User Token or an App Token.
For new templates: create a New Template as usual, choose your target Quickbase app, and then you will be prompted with a Connections screen:
If pre-existing Connections have been created, they will display and you may choose one with the correct permissions for this form. Or create a new one that conveys the permissions you want for the form.
To create a new Connection, click the green + button and complete the form.
A Connection Name is required, and as the Tip suggests, make it very descriptive, since the only information you will have about each Connection is in the name you give it.
Then input a User Token if you want the form to automatically authenticate your users of the form (meaning they do not need to be named Quickbase users, and will not be prompted for a Quickbase login to use the form). The User Token link will take you to your User Tokens in Quickbase, where you can copy and paste an existing one, or create a new one and paste that into the field in this form.
If you do not want to auto-authenticate your users in a form, input an App Token instead of a User Token. This will enable the form to interact with Quickbase, and the QuickBase permissions in your app will control how users can access the Form Engine form/document/presentation. (Ex. if you do not have EOTI permissions enabled in your Quickbase app, the form will require the user to log in with their Quickbase credentials to get to the form/document/asset).
Submit the Connection form when completed, and it will encrypt the User or App Token and use it under the hood in the form.
Related Article(s)
Stored Connections - Existing Template