If you log a user in with an action in an API Workflow, Bubble will respond with a token that can be used to authenticate the client in subsequent requests. In the example above we are accepting the email and password as parameters in the API Workflow.
But I can’t figure out how to get the token (which I suppose is the API Key) and save it to the DB and deliver it to the user so he can use it when he makes an API call to my app.
I mean there is a unique API Key that should be delivered to the user for API call authentication, right?
There is no result of step for log the user in and sign the user up actions. So how this can be done?
You’ll create a backend workflow that logs a user in. You then setup the api connector to make a request to this workflow to obtain the response data. You’ll use the api connector action in your workflows.
OK, I made this API action and found that its response includes a token like this bus|1716577514947x598705444092944500|1716608603286x447372536663480200.
Then I used this token as a Bearer API Key for another backend workflow and it worked successfully.
But now I need some clarification about how this should be organized because as I can understand, this needs the following:
When the user creates a new account in my app, I have to use an API action that includes the sign the user up action, so I can get the token, provide it to the user as an API Key, and store it in the database.
*Every 12 months this token will expire, so I have to generate a new token, deliver it to the user, and change the stored one.
Is this how API Workflow Authentication works in Bubble?
@doug.burden
OK, I made this API action and found that its response includes a token like this bus|1716577514947x598705444092944500|1716608603286x447372536663480200.
Then I used this token as a Bearer API Key for another backend workflow and it worked successfully.
But now I need some clarification about how this should be organized because as I can understand, this needs the following:
When the user creates a new account in my app, I have to use an API action that includes the sign the user up action, so I can get the token, provide it to the user as an API Key, and store it in the database.
*Every 12 months this token will expire, so I have to generate a new token, deliver it to the user, and change the stored one.
Is this how API Workflow Authentication works in Bubble?
Me personally, I’d just store the token and offer it to the UI where the user can freely generate/regenerate tokens. And how you’d do this is, with the action “Log out other users sessions” and re-run the api workflow to obtain the token. If stay signed in is checked it’s good for 1 year. If it isn’t the token expires in 24 hours. On your response format, change the expiration to ‘Date (UNIX)’.
