I'm consuming Post Login API with Authentication Header which will provide Bearer Token in Response that I can use for our further Api. But can't figure out why authorization is not working correctly.
I need to know how can I use Token which I get in response from Login API for other Apis Authentication dynamically.
Hello Hammad Ali Jahangir
Store the Bearer Token in a variable or an entity record, so that it can be reused for future API requests.
Set the Authorization header of subsequent API requests to "Bearer" followed by the token value.
Make sure that the Authorization header is correctly formatted and included in the request headers
Create a global variable to store the Bearer Token:
Go to the Data tab in Service Studio.
Click on the New button to create a new global variable.
Name the variable "BearerToken" and set the data type to Text.
Save the variable.
In the action that consumes the Login API:
Parse the response JSON to extract the Bearer Token value.
Assign the Bearer Token value to the global variable "BearerToken" created in step 1.
In the action that consumes the other API:
Add a Preparation to the action.
Add a HTTP Header to the Preparation, set the Header Key to "Authorization", and set the Header Value to "Bearer " + BearerToken.
Make sure to replace "BearerToken" with the actual name of the global variable created in step 1.
Save the Preparation.
Call the API in the action flow and the Authorization header with the Bearer Token value should be included in the API request
I've used rest api of Post login it is giving token in response. How to store that response in entity or global variable ?
Do I need to use onBeforeRequest or onAfterResponse event as well ?
I'm confused
What is your confusion about? Srinivas explained in detail how you can do what you are asking in response to his post.
Hi Hammad,
I assume that the retrieved token has a expiration in seconds involved.
Create an entity TOKEN to save the token, fields Id as autonumber, token bearer as text, expiration as date time, it will work as a token cache.
Calculate expiration datetime based on current date time+expiration in seconds.
Whenever you do a call to other Apis check the entity Token, if is still valid retrieve the cached value, otherwise generate a new token and update the cache record.
Hope that it helps you
There is no time limit. The token changes once the Post Login Api runs. It has no time limit for expiration. Just want to know how to store that token which I'm getting from Post login Api response to use it dynamically when I'm using other Api.
You can use the same logic and save the the token in the entity without expiration field.
For Api calls just get the token from the aggregate of TOKEN entity.
After the assign in your screenshot you can use CreateOrUpdate Entity action and save the response in DB.
Is there any other issue you are facing ?
Thanks!
Hi,
This is something like a follow up question for the above. How will or should the above approach behave if the token value depends on each user. ie., the token in login response is for that particular user rather than any user who logs in.
Hi Malavika Akhilesh,
Besides the token and expiry date time , you will need to add to the entity the user as well.
In every request before requesting a new token check in the entity by user if there is a token and if the token is still valid.
If yes retrieve the saved value.
If not request a new one and save it by user.