This topic explains ways you can reduce your risk while implementing the EOTI role.
Use IP Filtering
You can disallow access to any Quickbase app from any network except your trusted network using IP filter rules (available in certain plans), only allowing the IP address or networks you define. You may limit access to the app from only the corporate network or VPN, as an example. This is useful for cases when you want to collect form submissions from internal staff who are not Quickbase users. In this way, your EOTI form is only available internally, not on the Internet.
Using custom permissions to allow access to records
Use custom table-specific permissions in Quickbase to limit the view of the parent record using one or more of the following rules:
When a child record has not been submitted (using a summary field).
For a limited period of time by using a Formula-Duration or Formula-Numeric field, for example, only within two minutes of the record being created.
Until another event is completed, such as selecting a checkbox field on the record.
Important: These permissions should never be used if the record data is not meant to be exposed publicly.
API usage with EOTI