Dynamic workflow with per user authentication


I have a small SaaS product with which I am trying to integrate Pipedream. The workflow I am expecting is that my users can connect to some workflows (public/custom) through the interface so that they can execute it based on some action in my product.

An example would be a file upload to dropbox or filing a google sheets based on a form submission. I have seen examples where I can define and authenticate myself and execute workflows. I am still confused about how this can be executed for a user on his own. Data should go to his Dropbox/Google drive

Expected user flow

  1. User clicks on “Save to dropbox” button
  2. User has been taken to Pipedream
  3. Authenticate somehow (Users dropbox)
  4. My product gets the access to the dropbox.

Point me to some tutorial or code snippet so that I can have a closer look at. Thanks for the help.

@niksmac thanks for reaching out. We don’t have a native way to allow your end users to authenticate to an app in Pipedream. Are you able to handle the OAuth flow for your users, generating OAuth access tokens within your application? If so, you could pass that OAuth access token as part of the request to Pipedream, triggering your workflow and making API requests that includes the user-specific token, instead of referencing your connected account directly within a step.

Do you think that would work?

@dylburger thanks for the reply. I know that would work, but that is something I wanted to avoid, keeping the OAuth tokens and maintaining it.
The idea is to get onto as many services possible quickly, that is why I was looking for a service like this.
Do you have such a feature in roadmap?

This isn’t directly on the roadmap but we have considered it and we hear this a lot, so this feedback is helpful.

This is the first related feature that we are planning to build. This will allow users to develop their own OAuth applications on Pipedream. It won’t directly address your use case (there are a few other things we’ll need to build to support that), but it’s a step in that direction, so I’d recommend following that issue.

Happy to hear that. An on-demand authentication is a must have feature but like you mention in the GitHub issue, people will see only Pipedream Logo and details; that’s no good if you think from our side. I think the best is to create one generic app on Pipedream and let users use it if they have Pipedream acc, right?

This guy nailed it already Design idea for custom OAuth services or Secret

Thanks @dylburger

Yes, implementing issue #163 will let you create your own OAuth app tied to any app / client. So when you authorize access to that client as a user, you’d see the your own app’s details, not the Pipedream logo / app.

That would be nice. Do you have release date for this yet?

We don’t, but we’ll update that issue when we do!

Hey @dylan @dylburger
+1 for this use case. We would really love to use this. Do you have any planned release date?

Hi @yonatan1

We don’t have a target release date for this, but this is on our roadmap. For now, I’ll share some workarounds. You’ll notice when you auth into any Pipedream app, we are considered the app “owner”. This means you have to authorize your account on https://pipedream.com within the product - you can’t have your own end users auth into that Pipedream app from your own application.

We recommend Pizzly for these kind of scenarios. That lets you manage apps for your own users. Pizzly provides a way to let users auth into your own Slack / Quickbooks / etc. apps, and generates OAuth access tokens for those users automatically. Then you’d essentially have a database of users / auth tokens for each service.

Pipedream doesn’t have a mechanism to run workflows automatically for all your users on specific events, but you can trigger Pipedream workflows on HTTP requests or whatever events you want, e.g. when an event happens in your system and you want to run a workflow for a user:

  1. If you need to connect to e.g. Slack within a workflow, you would look up the current access token for your user, for Slack, in Pizzly.
  2. Send an HTTP request to an HTTP-triggered workflow, including the Slack access token for that user in the request
  3. Make a request to the Slack API on behalf of the user

Hope this helps!