01-02-2024 08:52 AM
Hi,
The API owner demands I use a post request first, then get authorized by getting a user token and a cookie token, and only then I can do a get request to retrieve the data. I was able to configure the first part properly, in the screenshot below:
This retrieves a header with a token for the user, and the cookie. My question is - what do I do next? how do I configure the next HTTP Client snap in order to retrieve the data with the get request, and what do I choose as an account? should I use the cookies as a token for the account?
Thanks
Solved! Go to Solution.
01-02-2024 04:44 PM
Ah - its going to depend on the API itself. Likely NO account is required, since you've got a token you're going to pass in a header. I did this recently in an example with monday.com that required only a header being passed. For this, I used the "Secured Headers" type HTTP account, no schema (unless yours requires a specific schema), and just put the needed headers under "Additional auth headers".
HTTP Client Config:
Secured Headers Account Type configuration:
01-02-2024 11:04 AM - edited 01-02-2024 11:05 AM
Hi Terrible:
This is a pretty common pattern, and I find it easiest just to treat the data from your post like any other data - add a Mapper snap right after your post, and extract the values you need, then use them in the next HTTP Client. I'm attaching a sample pipeline that just uses a free API site URL for testing. In the first HTTP Client, I POST the information you gave, in the Mapper snap that follows, I extract my needed data, and in the other HTTP Client I use those data elements from the Mapper in headers using SnapLogic's ability to evaluate a variable. Hope this helps.
Example Pipeline:
Mapper pulls out the data we need:
Then use those data elements anywhere you need them, whether it's in the URL, in the Query Params, or as Header params, or even in a document posted back:
01-02-2024 03:35 PM
Thanks @djsiegel for the quick reply.
What I'm failing to understand is what value do I use for Account in the 2nd HTTP Client snap? and what type of an API account should it be, since the system owner forbids me to use basic auth?
01-02-2024 04:44 PM
Ah - its going to depend on the API itself. Likely NO account is required, since you've got a token you're going to pass in a header. I did this recently in an example with monday.com that required only a header being passed. For this, I used the "Secured Headers" type HTTP account, no schema (unless yours requires a specific schema), and just put the needed headers under "Additional auth headers".
HTTP Client Config:
Secured Headers Account Type configuration:
01-05-2024 02:06 AM
You were right, as no account is needed. I played with it a bit and was able to extract the portion in the cookies that was necessary for the auth. Thanks a bunch!