API authentication

Hi, I’ve seen several posts in the forum about plugins and API service, however I am not sure they are current or address my problem specifically.

Has anyone successfully configured a JWT account to be used via the Bubble API Connector plugin?

I am using the Bubble published plugin for file storage generally, and have also got the Zeroqode service account plugin working, but the problem I have is that either because each plugin authenticates differently or the Zeroqode plugin uses a services account, treats them differently and they don’t have permissions to “see” each others files (nor is there a way to change that - but I would be happy to stand corrected!), and neither plugin seems to really support the way the other accesses folders (Bubble plugin seems to search for folders by name and Zeroqode by id and there is zero crossover between them - again, I’d be happy to stand corrected).

My client is too embedded with the Bubble plugin now - over 4GB uploaded to via this account now, however I need to extend the functionality beyond what this plugin provides for existing folders and files - features the Zeroqode plugin tantalisingly offers, with the exception of the sharing issue above which I can’t get around.

Solution Options:

  1. Discover I am missing something with these plugins and stand corrected on my points above

  2. Work with the plugin publishers to get functionality extended to add the sharing/search features I need (seems unlikely)

  3. Forget trying to use the Zeroqode plugin, and configure the API Connector plugin to reuse the app authentication being used by my Bubble plugin and start access existing files in my Box account using direct API calls.

It seems like option 3 is my best bet, but I just can’t figure out how to configure the API Connector to use the same app authentication as the Bubble published plugin.

If there is anyone smarter than me at API authentication and using the API Connector plugin and can solve this - I’d love to hear from you.

Or if you have another solution option entirely, I’d also love to hear from you!

1 Like

Bumping in the hope there is someone out there who just hasn’t logged in to see this yet.

I’d recommend this option, but if you’re a beginner you might want to do some digging into the API connector and’s API documentation.

Sound advice @johnny. I went through the authentication guide and focussed on the JWT Auth ( as this is what I have already the Bubble published plugin uses ( BOX Plugin Instructions - Tips - Bubble Forum) as per the screenshot below.

As you can see from the documentation, the first decision is whether we are using the SDK or not. I’m guessing not SDK as the SDK method seem to read the entire JWT config in and provide methods to generate a token without needing to do much more, but the API Connector plugin requires more detail as per this screenshot:

So, assuming we need to following the non-SDK path we need to provide either a public and private keypair OR a client id and client secret. As per the screenshot above, it looks like we are using the public/private keypair path.

So, as per the documentation:

…all prereqs have been met in order to configure the plugin!!

The question is how to apply the fields in the config.json file to our API Connector JWT auth?

Private Key is the only really obvious field.

How about:

  • Scope? Is this the same as publicKeyId?
  • Iss (account email)? Am guessing this is the same email as used on the admin account the owns the JWT application in
  • Access token endpoint? Am guessing this is the URL of the Bubble application I am building?

I’ve tried lots of different combinations in these fields without much luck and I’m finding the API guide not much help from here as it offers a lot of coding examples and I don’t really know how the API Connector plugin is coded…

Any ideas? Anyone interested in helping me solve this? Would be happy to pay for time at this point.

Hmm… I’m not the best at APIs, perhaps @Jici could help?

Bumping again and adding @emmanuel hoping someone from the Bubble team can offer some guidance.

Actually, I have found a post covering the exact same issue from three years ago:

Box - API Connector JWT Authentication “Invalid Client Credentials”, “No Start Line”, “Wrong Tag” - Need help - Bubble Forum

No response from Bubble then - perhaps some assistance this time around given the standard of the documentation for JWT configuration in the API Connector plugin documentation:

@greg.nallie - I’d be keen to chat to you further about your solution from your post also if you’re still around and happy to share.

I gave up and used something simpler instead… hopefully Bubble has developed around it by now or can offer some additional help, sorry I can’t help further.