I am working on a webapp that would have a user generate an API key in Bubble, copy the key and place it into a plugin in WordPress to communicate with WooCommerce and Bubble without storing the API credentials from WooCommerce/Wordpress.
Not sure how to generate a key for each user that is stored in Bubble and then used when WooCommerce communicates to Bubble and Bubble communicates to WooCommerce.
Is there a way to pass the key in an API URL encrypted so it is not logged?
So does the generator create a key and then there is some random number that is visible and the primary link to the actual key? Or is the key going to be exposed in Bubble’s logging (talk about a bug…)
Forgot to post - appears to be working well. Going to have the API key inserted into a Plugin with Woo Commerce and see if that Key will enable communication between Bubble and Woo - fingers crossed! Thanks for your help - cool plugin.
Testing in Postman and keep getting a 400 error I think the problem is logging in the user:
So I set up an endpoint called key_access (original, I know) and the endpoint is looking for parameters of email (test) and plugin_api_key (text). That appears to be accepted, so the first action is Login and email is email from the api and password is the plugin_api_key — and that is my problem. I get a 400 error, invalid login credentials. That makes sense.
I need to bypass the Bubble system password for authenticating the user with the api_key instead. The plugin will POST content into Bubble and we want to do it without having to use the Bubble User Password but the API Key instead.
Stuck authenticating in. The key generator works like a charm. The authentication in with the key - different story.
Quick question - the key generator is creating the API keys, but when I go to write into Bubble as make changes to thing, it’s not putting it in the database. BUT when I point a TXT field at the column in the table - it’s revealing the key. Will the key only write if I CREATE a thing (when I initially create the record). Cannot seem to get the API Key to write.