Use API_Authenticate to validate a user's username and password. You invoke this call on /db/main (no dbid).
API_Authenticate validates the supplied user name and password, and, if successful, returns a ticket that is supplied in subsequent API calls. The ticket is valid for 12 hours, unless you specify a different value in the hours parameter. In addition to the ticket, a cookie is also returned with the name TICKET. This is the only API call that returns a ticket cookie.
Note: It is possible to use a ticket to obtain a ticket (that is, pass in a ticket instead of a username and password).
Using API_Authenticate is the equivalent of logging into Quick Base. Remember that merely logging into Quick Base by itself does not give you access rights to even a single Quick Base application. You must first be assigned a role in the application by someone who has administrator rights. (See API Overview for more information about how to use the authentication ticket when making API calls.)
You should always use secure HTTPS (not HTTP) when calling API_Authenticate. Quick Base does not support API calls over HTTP.
Note: API_Authenticate calls have a maximum time limit of 4,380 hours, or approximately 6 months. This applies to new tickets initiated on or after January 21, 2018.
The user’s email address registered with Quick Base or the user name that was selected within Quick Base when the user registered.
The user’s Quick Base password.
The number of hours that the ticket will be valid.
This parameter is optional. If you don't supply this parameter, the ticket will expire after 12 hours. There is a maximum time limit of 4,380 hours or approximately 6 months.
A string value that you want returned. It will not be handled by Quick Base but it will be returned in the response.
The originating request, for example, API_Authenticate
Identifies the error code, if any. (See the Error Codes appendix for a list of possible error codes.)
0 indicates that no error was encountered.
Text that explains the error code.
"No error" indicates that no error was encountered.
The authentication ticket needed for application access.
The ID of the current user. The user ID is required for some API calls. The userID persists from session to session.
Optional. Contains any udata value supplied in the request.
where target_domain is the domain against which you are invoking this call, for example, quickbase.com. Read about this notation.
<?xml version="1.0" ?>
Did this help you? Give us a rating:
© 1999-2020 QuickBase, Inc. All rights reserved. Legal Notices.