Yeah maybe add the flowID. Otherwise it seems to be correct… Sometimes when I do these in postman, if there is a space after the token it doesn’t work. When you paste the token in there, check for spaces after the token and remove any.
After reading the docs more, it seems that flowID is required.
Yup, there are no spaces after the token.
Even putting the flowID doesn’t work yet
You could try it without the word bearer. Azure let’s me make calls without or with.
Another idea is to uncheck the box marked private. I’ve seen that cause weird behaviors (or I’m superstitious)
Why store the token in a cookie instead saving it to the database and then pulling it from there? I believe there is a plugin that will encrypt the column storing the token and can decrypt it when it is in use.
storing it in the database will also work. However, I have a developer working on our C# application who wanted us to store it in a cookie and have it expire every hour. in our use case. Then a refresh token will be used to refresh the token if expired. The data accessible with the key is very sensitive financial info so he didn’t want that in the database. but i agree doing it that way will work too.
1 Like
Makes perfect sense - did not see you were storing data related to $$$$
Hello @robertpbrinton I have an application that needs this setting you made. User authentication with dynamic token, but I can’t configure it as you explained. Can you do it for me? I’m sending the app bubble access url and the documentation url. In API Connector already has the login call working.
App link → Apptokendinamico | Bubble Editor
API documentation link → API ConSIGO
The app bubble has two pages, a login and a dashboard. On the dashboard there is a group to show the name of the condominium.
@CharlyGT26 , have you found the solution ?
I am having the same problem
@robertpbrinton
Your explanation video was very good but It misses how you actually refresh the token, could you please describe it to me ?
In this case, I’m not actually refreshing the token even though the API has a refresh token. The token expires every 1 hour, but I just require the user to authenticate again like they did to get the token originally using the email and password.
OK thanks, I think this is a bit extreme for me i don’t want my user to re-authenticate every hour. But thanks for claryfying
Yeah I agree it’s not ideal. This app I have is used internal to our company and not used for more than an hour a day so I didn’t bother to work on that part.
Hi there all! Hope not to bother reopening this thread, but I didn’t see anywhere how you set up the Authentication method in the main API settings.
Is it ok to set it as “None or Self Handled” right?
I’m asking cause I tested it and the API doesn’t work, but I’m not sure if it’s a prob of Authentication or something else I need to check with the team is building the APIs from our IoT backend…