Check a Temporary Access Code is Valid?

I want to allow very limited access to the system to a user that has a randomly generated access code that lasts for a pre-determined amount of time.

This is not meant to be super-secure, but instead allow a user to save data to a database without logging in.

I need a way for the form to check that the access code is valid. What would be the best way to structure that?

Of course I could create an open database that only stores that value. I would prefer that the value was obscured from anyone just digging through the side code, though.

  1. Create a database for access tokens with fields like token, expiry etc
  2. Create a backend workflow to check the access code validity. Ensure the workflow ignores privacy rules. But is not accessible publicly.
  3. Set up this workflow in API Connector or Bubble App Connector
  4. Use the API workflow.

Apply the Privacy rules as needed. Do not expose the tokens.

1 Like

How are you checking the token’s validity? I used a conditional that only continues if the match is there, but then there’s nothing for the API to run.

I simply want it to redirect (note: the conditional has been removed in the screen grab)

Can I attach a state or similar to a user that’s not logged in?