Is it possible to send a dynamic key in header of API Workflow?

There is a service that I’d like to use that requires an auth token to be sent in the header of every request. That auth token expires after an arbitrary period of time (let’s say an hour).

How can I set up an API Workflow to store an auth token, and then use that stored auth token in the header of an API call thru Bubble?

Hi @samudzi

An interesting concept. First you need to get your Bubble API authentication token (API-1), including the expiration date-time. When you access the other API (API-2), you check the date-time value and reject the call (terminate) if it is expired. I’ve never done it before, but it’s doable. In header? any expert here will let you know :slight_smile:

Well, if you can achieve it via one the Bubble authorisation methods, then it will do all this for you, as well as store the token (but it doesn’t do expiry/reauth which is annoying) securely.

Using something like a bearer token in an API call just needs you to set up an API connector with the header field called Authorization and then in the value put Bearer djsakdjskl…etc

It will depend on what the token is, Bearer or Basic or other, as to how you do it.

Storing a token and the client keys within bubble is not a particularly great idea, as anyone (including collaborators) then have access to your user data.

I hear you about the poor security around storing tokens, but the above is a huge reason why I’m exploring doing so. The API source that I’m using also has a javascript sdk, so I may go that route as the API workflow route with reauth is actually far more complicated than injecting some additional javascript

Did you find any solution here? Having the same challenge

I ended up just manually importing the entire external dataset as json and uploading it to bubble. Managing the API way is more complex via Bubble than it is just creating a custom python + nodejs app

+1 on this question.

I’m thinking of creating an action that chains the two calls together - the call that gets the API token, and then I use that token in the next call. Is it possible to load in the value of a header key-value pair dynamically?

Hey @Brenner,

I needed the same to work with PayPal API and found this reply. Seems working!

1 Like