This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

What account should be used for API with query parameter authentication?

Go to solution
Andrei_Y
New Contributor III

2 weeks ago

I have two source TikTok Business and Semrush APIs which use query parameter authentication. I didn't find an appropriate account which I can use for HTTP Client. I don't want to keep secrets in files or pipeline parameters. Maybe I missed something, any ideas on that?

0 Kudos
Reply
1 ACCEPTED SOLUTION

Go to solution
ddellsperger
Moderator
Moderator

2 weeks ago

For TikTok Business, you'll want to use an OAuth2 Account (using the /oauth/token endpoint for the token collection) then you can add the custom header and reference the account's access token with account.access_token it will still be obfuscated in logs and details that we return back to you throughout the course of processing.

For Semrush, you'll want to use the Secured Headers Account and while it will still put those headers into the request, Semrush SHOULD ignore them (I don't see anything that indicates otherwise), you can put the header in the Additional Auth Headers section with they key being key and value being your `API_KEY`, then you can refer to the key as account.key similar to the OAuth2 account. How you refer to it is how it's set up in your account, so if you use API_KEY as the key, you'll need to refer to it as account.API_KEY.

View solution in original post

Reply
2 REPLIES 2

Go to solution
ddellsperger
Moderator
Moderator

2 weeks ago

For TikTok Business, you'll want to use an OAuth2 Account (using the /oauth/token endpoint for the token collection) then you can add the custom header and reference the account's access token with account.access_token it will still be obfuscated in logs and details that we return back to you throughout the course of processing.

For Semrush, you'll want to use the Secured Headers Account and while it will still put those headers into the request, Semrush SHOULD ignore them (I don't see anything that indicates otherwise), you can put the header in the Additional Auth Headers section with they key being key and value being your `API_KEY`, then you can refer to the key as account.key similar to the OAuth2 account. How you refer to it is how it's set up in your account, so if you use API_KEY as the key, you'll need to refer to it as account.API_KEY.

Reply

Go to solution
Andrei_Y
New Contributor III
In response to ddellsperger

2 weeks ago

Thanks! It works. I tested Secured Headers Account for both because the TikTok API request requires app_id and secret query parameters in addition to the Access-Token.

0 Kudos
Reply