How to manage an authentication token across workflows

Hello,

So my question might be a noob question as I am not a developper and don’t have some of the basics.
I have the exact same question as here (probably for the exact same API too).

I make an API call to get a token which I then can use. I have noticed the token expires but the documentation provided is really light and the INPI (french IP office does not provide any support) so I don’t really know when.

  • I use this token in half a dozen workflows.
  • Getting a new one cancels any previous one.

I have an idea in mind but I don’t know if it’s optimal or if there is now some built-in way to manage this issue. Here it is

  1. Setting up a “get token” workflow with the following steps:
    a. Activated when called
    b. Test if token works
    c. If yes, continue – If not, get a new one
    d. Answer with token
  2. Putting this “get token” workflow at the beginning of all workflow requesting this API.

My issue is that it will heavily impact API rate because I will need to trigger it for before each enrichment and it adds an additional call to the API for each row enriched.

So now I am considering getting the token only in case of error but if the error is unrelated it seems sketchy.

How do you handle managing a token like that?
Any best practice?

Thank you!

Hey @Joachim_Brindeau,

If it was me I would build a custom node for the service and handle it in the credential file, Without seeing API docs though it is a bit hard to say. I think your approach of a workflow to manage that would work although rather than at the start of the worklfow you could trigger it if the node that calls the API fails so you would set it to continue on fail then check the output if it has failed get a new token and try again.

2 Likes

Could you please elaborate on that?

There really is no instructions except on how to retrieve the token as translated below from the doc.


Connection

The connection is made by calling an API using a username/password pair.

Method POST
Access URL: https://registre-national-entreprises.inpi.fr/api/sso/login
Test access URL: https://registre-national-entreprises-pprod.inpi.fr/api/sso/login

Inputs:

  • username = User account login (as provided during the creation of your account on the Eprocedure portal)
  • password = User account password (customized)

JSON to send in the BODY:

{
   "username":"your_username",
   "password":"your_user_password"
}

Outputs:

  • In the response, provision of a token XXXXXX
  • This token must be sent in the Headers: Authorization: Bearer XXXXXXX

Example response:

{
   "token":"XXXXXX",
   "user":{
      "roles":[
         "ROLE_FO_USER"
      ],
      "id":111111,
      "email":"[[email protected]](mailto:[email protected])",
      "firstname":"First Name",
      "lastname":"Last Name",
      "civilityCode":"MS",
      "address1":"15, street address",
      "zipCode":"92000",
      "city":"City",
      "countryCode":"FR",
      "hasCompany":false,
      "isManager":false,
      "officePhone":"0155555555",
      "lastLogin":"1909-11-16T11:37:19+01:00",
      "active":true,
      "correspondenceEmails":[
      ]
   }
}

I made some progress!

The workflow below successfully keeps a token stored on github.

I still have the issue of wasting API rate checking if the token works.

I see I can delete or create a credential but the best solution for me would be to update the credential in the event the token is renewed.

:point_right: Is it possible to update a credential using this workflow?

Thanks!

UPDATE

Made some progress. To avoid wasting API rate to check the token, I know have a parameter in my webhook trigger depending on if it was trigerred following an error or not.

So now I ask the workflow for the latest token, and if it doesn’t work I can refresh it using the same workflow:

I would prefer to have this logic handled in credentials but at least it works for now.
Any advice on improvement is welcome!

1 Like

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.