This topic was automatically generated from Slack. You can find the original thread here.
Hi team
I’m integrating Pipedream Connect for API Key based authentication and noticed an issue with credential validation.
Issue: When a user enters an invalid/dummy API key during the Connect flow, the popup still shows “Successfully connected”. The invalid credentials only fail later when an actual tool call is made.
Question: Is there a way to validate API key credentials at connection time before showing success? Specifically:
Does the Connect flow perform any validation of API keys before creating the account?
Is there a field on the Account object (like healthy or status) that indicates credential validity?
Any recommended approach to verify credentials are valid immediately after connection, before the user sees “success”?
We’d like to show an error upfront if the API key is invalid rather than have it fail during tool execution.
Thanks for your detailed questions about Pipedream Connect and API Key validation. Here are answers to each of your points: — ### 1. Does the Connect flow perform any validation of API keys before creating the account? No, by default, Pipedream Connect does not automatically validate API keys at connection time. When a user enters an API key in the Connect flow, Pipedream will accept and store it without making a test request to the third-party API. This means that even invalid or dummy keys will show as “Successfully connected” unless you specifically implement a validation step. — ### 2. Is there a field on the Account object (like healthy or status) that indicates credential validity? No, there is not a built-in field like healthy or status on the Account object that reflects credential validity after connection. Credential validity is typically only determined when an actual API request is made using the stored credentials. If the credentials are invalid, the error will be surfaced at that time (e.g., during a workflow run or when using a component that makes an API call). — ### 3. Any recommended approach to verify credentials are valid immediately after connection, before the user sees “success”? Yes, you can implement credential validation at connection time by adding a “test” or “validate” request in your app’s Pipedream Connect configuration. This is a best practice for API Key-based apps, as it allows you to check the validity of the credentials before the connection is finalized. How to do this: - In your app’s Connect configuration, define a test endpoint or function that makes a simple API call (such as fetching the authenticated user’s profile or a basic resource) using the provided API key. - If the API call succeeds, the connection is marked as successful. - If the API call fails (e.g., 401 Unauthorized), the user is shown an error and prompted to re-enter their credentials. Example (pseudo-code): ```
// In your app’s connect config test: { async validate({ auth }) { // Make a simple API request using the provided API key const res = await axios({ url: “https://api.example.com/me”, headers: { Authorization: Bearer ${auth.api_key} }, }); if (res.status !== 200) throw new Error(“Invalid API Key”); return true; } }
