Passing an API token to another API within Celigo (via scripting or connectors)
Passing an API token to another API
Here's the scenario. We're using Plytix, which has two different APIs essentially, one for AUTH and the other for retrieving/posting information as follows:
https://auth.plytix.com/ (authentication) - Token-based, with a refreshToken required every 15m
https://pim.plytix.com (product information management) - needs the token generated from the auth to enable querying or updating of information (of course, it needs to be authenticated).
Unfortunately Celigo only seems to support relative URIs (e.g. https://pim.plytix.com/auth/), rather than those based on sub-domains (e.g. https://auth.plytix.com/ and https://pim.plytix.com).
So, my question is how can this be done either via a script or can two connectors pass information to each other?
I'd prefer not to get into serious coding to be able to facilitate this, though it may be unavoidable.
I can get this to work without issue in Postman, as it can be told to use environment variables or to inherit from parent, which don't seem to be options in Celigo either? If this is not the case, can someone provide some guidance on this.
We already have the Netsuite to Celigo part of our integration written, though now need a way of pushing the information from Celigo into Plytix.
This is going to be an integral part of our business flows given Plytix will essentially work as our product information management system for pushing all of our product information into Shopify (and no, we don't want to push product information directly from Netsuite to Shopify, we're aware the Shopify/Netsuite integration app can do this already, we want to be able to keep a far more fully-fledged product information database for numerous different marketplaces as a separate entity).
Any assist/guidance that can be offered would be appreciated.
It may be a simple line or handlebar expression to get the information and assign it to the other connection, though am not too familiar with Celigo unfortunately.
Regards,
Christian
-
Official comment
Hey Christian,
To support this kind of connection, you should use the Token authentication type and configure the Refresh Token settings. Even though this says "Relative URL", if you use an absolute address then it'll respect that. For example...
Thanks!
-Lucian -
We're currently investigating a solution to your situation. If you haven't already, feel free to open a support ticket.
0 -
Hi Lucian,
OK, so I've been playing around with this and although you've said the relative URL section will allow different absolute URLs to be set, still not having much luck.
See following the configuration I'm using and the API documentation.
Plytix Api V1 (this is the API explaining the authentication process).
As you can see there's two APIs, one for Auth and the other for actual calls, which needs the Auth token, or refreshToken (requires renewal every 15 minutes).
Per your advice, have now seemingly got it connected (according to Celigo's success message).
The token entered in the Token field was the result from the api username and password, which I pasted into the Token field. Got the token using Postman initially.
The refresh Token is also inputted in my connection settings with the Auth URL to get the new token when it requires refreshing.
Do these settings look correct to you?
Regards,
Christian
0 -
Hey Christian,
That's getting close!
When we're using the refresh token mechanism, in the Token field you can just enter something random like abc123. The tool will attempt to use this token, receive an HTTP 401 Auth Failed error from Plytix, and then attempt the refresh mechanism to retrieve a valid token. You won't need to use Postman.
Looking at the docs, I think you'll need to add this in the HTTP request body field for the refresh token:
{ "api_key": "your.api.key", "api_password": "your.secret.api.password" }and this in the Path to token field in HTTP response body field:
data.0.access_token
Let me know where that gets you!
Thanks,
-Lucian0 -
Hi Lucian,
Apologies for the late response; we're still in the process of launching our Netsuite/Shopify integrated systems, so am a bit behind the eight-ball.
So, some good news is that I've been able to connect and push information into Plytix via Celigo from Saved Searches in Netsuite, so that's a big step forward.
The only issue is that the push only works for the length of time of the initial token when I input a real Token generated from Postman, after which it expires at the end of it's term, as follows:
It looks like Celigo doesn't recognise the following as the location to get the refresh:
data.0.access_token
I think we're very close now, just need to fix that above one line, then we'll have a solid, refreshing connection, for as I said, I can now push information into Plytix when the connection is established and see the products I want coming through to Plytix.
Thus far from scouring through Celigo help information, I've tried the following, though am yet to stumble across the "Open Sesame" phrase yet! :-)
data.0.access_token (doesn't get a refresh token, expires)
{{connection.http.auth.token.refreshToken}} (doesn't get a refresh token, expires)
data.0.refresh_token (along your line of though, thought this might do it, though still waiting now for the token expiry to see if it expires again)Any thoughts would be appreciated.
Regards,
Christian
0 -
Hey Christian,
So if you're seeing that error, it means that our tool has not tried to generate a refresh token. Our tool should've gotten back the response above, seen that it was an "unauthorized" response, and then attempted to get the new token.
If we were doing the refresh and then unsuccessfully grabbing the new token, you'd get an error about a missing or invalid token, not an expired token.
It looks like this endpoint is actually returning a 403 error on unauthorized access, not the 401 error that we are expecting. This is an easy fix. Just type 403 in the Override HTTP status code for auth errors field:
Let me know when that's working, I've got one more tip around making this secure by hiding that username and password from the UI using the custom encrypted fields described here.
Thanks,
-Lucian0 -
Houston, we have lift-off! It's maintaining it's connection now.
One thing I was doing was using the wrong connection type (using REST instead of HTTP), so I've switched the entire connection over to HTTP using what I learned from you and it's functioning and maintaining the connection past the 15 minute key refresh.
I also added that 403 error override and it exposed that the error had to do with authentication.
After setting up the connection with HTTP rather than REST, I could past the Refresh token into the field, after which it's all seemingly working correctly.
I just tested a push at 17 minutes and it's still saying it's connected.
It now generates another error, which I'm happy about anyway (it's a 422 error, saying there's a duplicate, though that's to be expected as I'm pushing new products into the PIM where those SKUs already exist).
So looks like it's up and running finally, after four months! :)
When I get a bit of spare time I will attempt to recreate the connection in REST as suggested so the fields can be encrypted. Is there any way to do this within an HTTP connection, or only REST?
Thankyou, eternally grateful for your assistance with this!
Christian
0 -
Christian,
Great news, I'm so glad!
The exact same mechanism works with the HTTP connector. You'll just store you key and password in the Encrypted section under the Advanced tab:
Then in the token refresh request body, reference these as {{{connection.http.encrypted.key}}} and {{{connection.http.encrypted.password}}}
Regards,
-Lucian0 -
Awesome, will give it a shot in the morning and let you know, since it's 3:20am here. Thankyou once again!
Regards,
Christian
0
Please sign in to leave a comment.
Comments
9 comments