Yes I thought about using a database to store the longer token and send a smaller id that I resolve in the database to get the token. I think this will be more secure. The main problem I am dealing with at the moment is getting the triggeredEmail to send.