Is it possible to make the key dynamic (i.e. users can put in their own api keys) in the plugin editor.
This will allow building of apps where we want users to put in their personal api keys for a service.
2 Likes
No it’s not possible currently. But you can hack this very easily yourself with parameters.
Be careful, if you store API keys and leak them with wrong privacy policies, you’ll be responsible for the damage… You’re basically asking users to provide their passwords…
So this can be hacked easily only in certain types of authentication e.g. key in header.
But in other types of authentication e.g. username password (HTTP Basic Authentication) this isn’t so simple.
Regarding leak, yes completely agree. An approach can be to not store the keys at all but have them enter it every time they visit the page (then put it as value of a custom state on page, hence never making it to the database).
Any idea on how to accomplish this with HTTP Basic Authentication?
What’s the API and is there documentation? The authentication method is determined by the API you are accessing.
It is possible to use Basic Auth. You need to take the info from http://developers.timekit.io/docs/authentication with the Bubble API Connnectior
I’ve already implemented it through the API Connector using Basic Auth. I’m trying to figure out how I can use dynamic info to authenticate multiple users.
Doesn’t each user usually need to authenticate themselves individually?
yeah but I don’t know how to do that within Bubble. I believe I have to encode to Base64 with the user’s email and api token.
It really depends on what you are trying to do (see other thread).
If you are just using Timekit as a resource, hidden from the user, then you can create a user within Bubble and use the API key as I have described.
If the User is already on Timekit, then you can ask them to input their email and password and you can grab the API key by calling the Auth endpoint.
Either way you will need to base64 encode the Userid/Password combo for subsequent calls.
Whilst this is all at the trickier end of Bubble programming, it is all possible.
1 Like
I use timekit. When you create a user in timekit, an Api-token is generated. Store this on the user in Bubble, and make the api call with the users email and api-token. 
u dont need a password.
1 Like
Yeah, Nigel helped me out on the other post. My problem was because I didn’t select the “None or self-handled” option for the API in the API Connector.