Edit submitted record - without authentication

Ahmad · October 25, 2021, 1:29pm

Please note that I need a way to edit Kobo toolbox already submitted record without authentication.

I found a way to get the edit link from this API but it needs authentication

https://kobo.humanitarianresponse.info/api/v2/assets/[FORM_ID]/data/[_uid]/edit/?return_url=false&format=json/

Josh · October 25, 2021, 4:38pm

Hi @Ahmad, unfortunately there are only permissions to make viewing submissions public not the editing of them. Using that API endpoint is likely the best way for this and perhaps you can create a separate user with permissions to edit submissions. In that way you can use the token from that user to authenticate:

curl -X GET 'https://[edit_url]' -H 'Authorization: Token [TOKEN]'

Ahmad · October 26, 2021, 9:11am

Thank you so much dear @Josh and well noted.

Another two queries:

Is there a way to increase the time for the edit link that is being generated from the data table (I believe that it remains valid for 30 seconds only).

Also, is there any (Steps, training) to use the token for authorization?

Again, many thanks this is was very helpful.
Regards,

Kal_Lam · October 26, 2021, 9:20am

@Ahmad, you should be able to get the token as outlined in the support article Using the API.

Josh · October 26, 2021, 3:54pm

Hi @Ahmad, unfortunately the 30 second expiry is not configurable unless you run a custom Enketo instance. It can be configured here:

github.com

enketo/enketo-express/blob/master/config/default-config.json#L23

    
      
                      "allow insecure transport": "false"
                  }
              },
              "ip filtering" : {
          	    "allowPrivateIPAddress": false,
          	    "allowMetaIPAddress": false,
          	    "allowIPAddressList": [],
          	    "denyIPAddressList": []
              },
              "timeout": 300000,
              "expiry for record cache": 30000,
              "encryption key": "s0m3v3rys3cr3tk3y",
              "less secure encryption key": "this $3cr3t key is crackable",
              "default theme": "kobo",
              "themes supported": [],
              "base path": "",
              "log": {
                  "submissions": false
              },
              "support": {
                  "email": "support@example.org"

Ahmad · October 26, 2021, 4:36pm

Thank you so much @Kal_Lam and @Josh

Ahmad · October 28, 2021, 5:52pm

Hi @Josh and @Kal_Lam .

Please note that I have worked on a script to have the ability for the edit based on the above API. But I am facing the CORS ‘Access-Control-Allow-Origin’ error.

Any ideas to pass this

Many thanks in advance

Josh · November 1, 2021, 4:12pm

Hi @Ahmad, we can discuss this here: