This topic was automatically generated from Slack. You can find the original thread here.
Hey does anyone know how to get credentials from the account API? I tried &include_credentials=true but just got the account info back without creds
It sounds like you’re trying to retrieve credentials (such as API keys or secrets) from the Pipedream Account API, but you’re only getting account info back and not the credentials themselves. Important: For security reasons, Pipedream does not expose connected app credentials (like OAuth tokens, API keys, or secrets) via any public Account API endpoint. This is by design to protect your sensitive information. Even with query parameters like include_credentials=true, the API will not return these secrets. How to Access Credentials in Pipedream: - Within Workflows: Credentials you’ve connected to Pipedream (for apps, custom auth, etc.) are only accessible within workflow steps, using the special variables provided (like this.<app>.$auth.<key> in Node.js or pd.inputs["app"]["$auth"]["key"] in Python). - Not via Account API: There is no supported way to fetch these credentials via the Account API or any external API call. Example: Accessing Credentials in a Node.js Code Step ```
export default defineComponent({ props: { my_app: { type: “app”, app: “my_app”, // Replace with your app’s slug } }, async run({steps, $}) { // Access the API key or token const apiKey = this.my_app.$auth.api_key; // Replace with your credential key // Use the credential in an API call return apiKey; }, })
what inclde_credentials do on the accounts api
The include_credentials parameter on the Pipedream Accounts API is used to request that the API response include the credentials (such as API keys or OAuth tokens) for the connected account. - By default, when you fetch an account (e.g., GET /v1/accounts/<account_id>), you only get metadata about the account. - If you add ?include_credentials=true to your request, the API will attempt to include the actual credentials in the response. Example: ```
bash curl ‘https://api.pipedream.com/v1/accounts/<account_id>?include_credentials=true’ \ -H “Authorization: Bearer ” \ -H “Content-Type: application/json”
is there a way to build a custom oauth flow where we store the tokens to our database?
Yes, you can build a custom OAuth flow where you store tokens in your own database, but you would need to implement and manage the OAuth flow yourself, outside of Pipedream’s built-in OAuth integration. ### How Pipedream Handles OAuth - When you use Pipedream’s built-in OAuth, Pipedream manages the OAuth flow and securely stores the tokens for you. You can access these tokens in workflow steps via the $auth object (e.g., this.app.$auth.oauth_access_token), but you cannot export or retrieve them directly for storage in your own database. - See docs on how Pipedream handles OAuth ### Building Your Own Custom OAuth Flow If you want to store OAuth tokens in your own database: 1. Implement the OAuth flow yourself (outside of Pipedream), using your backend or serverless function. 2. Store the access and refresh tokens in your database after the OAuth callback. 3. Use Pipedream to read tokens from your database when making API calls. #### Example Flow 1. User authenticates with the third-party service via your custom OAuth app. 2. Your backend receives the OAuth callback and stores the tokens in your database. 3. In your Pipedream workflow, query your database for the tokens when you need them (using a code step or a database integration). 4. Use the tokens to make API requests. #### Example: Fetching a token from your database in Pipedream ```
import { axios } from “@pipedream/platform”; export default defineComponent({ props: { database: { type: “app”, app: “database”, }, user_id: { type: “string”, label: “User ID”, }, }, async run({ steps, $ }) { // Example: Query your database for the OAuth token const sql = SELECT access_token FROM oauth_tokens WHERE user_id = '${this.user_id}'; const result = await axios($, { url: this.database.$auth.db_url, // Replace with your DB connection info method: “POST”, data: { query: sql }, }); const access_token = result.data[0].access_token; // Use the access_token in an API request return await axios($, { url: “https://api.example.com/endpoint”, headers: { Authorization: Bearer ${access_token}, }, }); }, });