Forum Discussion

AdamKeever1's avatar
AdamKeever1
Qrew Commander
5 years ago

RESTful API Header

Hello, using RESTful API a temporary token is returned and logged with console.log(xmlHttp.responseText);. Does anyone know how to then pass that temporary token to the  'Authorization': '{Authorization}', in the header of a Query for data?

------------------------------
Adam Keever
------------------------------
  • Does it return the token to you in the response Header or in the body? 

    If it's in the body then you could potentially iterate over the JSON objects using the JSON channel, then you'll get the value back as a field you can then use in the subsequent JSON request Header field.   ie if you iterate over the objects in step C and get a field called "token" you could then put something like this in JSON Request Header field (example here is if the auth header name is "Authorization") :  "AUTHORIZATION: {{c.token}}"

    If that doesn't work you could maybe iterate the JSON objects and store the values in a Quickbase table somewhere using the Add or Update Record Quickbase channel, then lookup the value in a later step or separate pipeline step and include it using the same format above.

    If you're getting the token back in the header then I'd be interested if anyone on this community knows how to capture header data and use it in subsequent pipeline steps.  The JSON Request step only provides a "Header Name" and "Header Value" field without an obvious way to differentiate amongst all the returned headers.  I tried storing the headers in a Quickbase table but it won't store them.

    Sorry for the tome... hopefully something works for you... I'm just getting my API legs under me with Pipelines too.

    ------------------------------
    Brian Richardson
    ------------------------------
  • AustinK's avatar
    AustinK
    Qrew Commander
    Adam did you still need any help with this? What are you using to call the RESTful API? I am assuming JavaScript of some sort. Admittedly I am not awesome at JavaScript so some of what I say could probably be done in a better or easier way.

    https://developer.quickbase.com/operation/getTempTokenDBID

    After executing the code on the temporary token page everything you want is contained within the xmlHTTP.responseText. Here is what mine looks like.

    "{
    "temporaryAuthorization": "CEtP.OV9icTlmajdkdm1fYjM5c2llX2I4ZWFfYV9icXd6ajd4aHJfY2duYXZkcTQ0c3p3ZGJ1ZWthdnlidmV2bTh2ZHJuYjRhNGJ"
    }"

    I would then take that and do the following:

    var data = JSON.parse(xmlHttp.responseText)

    Then in my JavaScript I could do something like this now that they are key:value pairs:

    tempAuth = data.temporaryAuthorization

    and now tempAuth is equal to "CEtP.OV9icTlmajdkdm1fYjM5c2llX2I4ZWFfYV9icXd6ajd4aHJfY2duYXZkcTQ0c3p3ZGJ1ZWthdnlidmV2bTh2ZHJuYjRhNGJ"

    I could then use that in the headers for my next call that needed actual authentication. Just do not forget that you need to put "QB-TEMP-TOKEN" before the actual token since it is a temporary token.

    tempAuth = "QB-TEMP-TOKEN " + tempAuth

    Going with the same example we have been you would want to build your next set of headers like this:

    var headers = {
    'QB-Realm-Hostname': 'myRealm.quickbase.com',
    'User-Agent': '{User-Agent}',
    'Authorization': tempAuth,
    'Content-Type': 'application/json'
    }
    • AdamKeever1's avatar
      AdamKeever1
      Qrew Commander
      Thanks for the replay and information Austin. I wasn't aware of the need for the "QB-TEMP-TOKEN " + before the parsed xmlHTTP.responseText.

      ------------------------------
      Adam Keever
      ------------------------------
      • AdamKeever1's avatar
        AdamKeever1
        Qrew Commander
        Austin, I am unable to get this to work on my end. Here is the code I am using:
        <!DOCTYPE html>
        <html>
        
        <head>
            <meta charset="UTF-8" name="description" content="[MY CONTENT]">
            <meta name="viewport" content="width=device-width, initial-scale=1.0">
            <meta name="theme-color" content="#3367D6" />
            <link rel="shortcut icon" href="[MY ICON]" />
            <title>View Data</title>
        
            <!-- put styling information here -->
        
        </head>
        
        <body>
        
            <!-- This is just to confirm code functionality -->
        
            <h1>Record ID#</h1>
            <span id="RID#"></span>
        
            <h1>Temporary Authorization#</h1>
            <span id="AUTH#"></span>
        
            <h1>Declared Variable</h1>
            <span id="VAR#"></span>
        
            <h1>Passed Variable</h1>
            <span id="PASS#"></span>
        
            <h1>Query Results</h1>
            <span id="Q#"></span>
        
            <!---------------GET_RECORD_ID#---------------------->
        
            <script>
                var getUrlParameter = function(sParam) {
                    var sPageURL = window.location.search.substring(1);
                    var sURLVariables = sPageURL.split('&');
                    for (var i = 0; i < sURLVariables.length; i++) {
                        var sParameterName = sURLVariables.split('=');
                        if (sParameterName[0] == sParam) {
                            return sParameterName[1];
                        }
                    }
                }
                rid = getUrlParameter("rid");
                console.log(rid);
                document.getElementById("RID#").innerHTML = rid;
            </script>
        
            <!---------------GET_TEMPORARY_TOKEN---------------------->
        
            <script>
                var headers = {
                    'QB-Realm-Hostname': '[MY REALM]',
                    'QB-App-Token': '[MY APP TOKEN]',
                    'Content-Type': 'application/json'
                }
        
        
                const xmlHttp = new XMLHttpRequest();
                xmlHttp.open('GET', 'https://api.quickbase.com/v1/auth/temporary/[MY TABLE]', true);
                for (const key in headers) {
                    xmlHttp.setRequestHeader(key, headers[key]);
                }
                xmlHttp.onreadystatechange = function() {
                    if (xmlHttp.readyState === XMLHttpRequest.DONE) {
                        console.log(xmlHttp.responseText);
                        document.getElementById("AUTH#").innerHTML = xmlHttp.responseText;
                        var ticket = JSON.parse(xmlHttp.responseText);
                        document.getElementById("VAR#").innerHTML = ticket.temporaryAuthorization;
                    }
                };
                xmlHttp.withCredentials = true;
                xmlHttp.send();
        
                tempAuth = "QB-TEMP-TOKEN " + ticket
            </script>
        
            <!---------------GET_DATA_FROM_FIELDS---------------------->
        
            <script>
                document.getElementById("PASS#").innerHTML = tempAuth.temporaryAuthorization;
        
                var headers = {
                    'QB-Realm-Hostname': '[MY REALM]',
                    'Authorization': 'tempAuth',
                    'Content-Type': 'application/json'
                }
        
        
                var body = {
                    "from": "[MY TABLE]",
                    "select": [237, 229, 253, 277, 313, 334, 254, 278, 314, 335, 255, 279, 315, 336, 256, 280, 316, 337, 257, 281, 317, 338, 258, 282, 318, 339, 259, 283, 319, 340, 260, 284, 320, 341, 261, 285, 321, 342, 262, 286, 322, 343, 263, 287, 323, 344, 264, 288, 324, 345, 265, 289, 325, 346, 266, 290, 326, 347, 267, 291, 327, 348, 268, 292, 328, 349, 269, 293, 329, 350, 270, 294, 330, 351, 271, 295, 331, 352, 272, 296, 332, 353, 273, 297, 333, 354, 274, 362, 372, 382, 275, 363, 373, 383, 432],
                    "where": "{3.EX.' + rid + '}"
                }
        
                const xmlHttp = new XMLHttpRequest();
                xmlHttp.open('POST', 'https://api.quickbase.com/v1/records/query', true);
                for (const key in headers) {
                    xmlHttp.setRequestHeader(key, headers[key]);
                }
                xmlHttp.onreadystatechange = function() {
                    if (xmlHttp.readyState === XMLHttpRequest.DONE) {
                        console.log(xmlHttp.responseText);
                        document.getElementById("Q#").innerHTML = xmlHttp.responseText;
                    }
                };
        
                xmlHttp.send(JSON.stringify(body));
            </script>
        
        </body>
        </head>
        
        </html>​


        Here is the response:
        I have tried running the last two code blocks within one script tag, but then the temporary token API doesn't work.




        ------------------------------
        Adam Keever
        ------------------------------