This topic was automatically generated from Slack. You can find the original thread here.
is there a way to retrieve an OAuth2.0 connected account credentials via API? I need this for dynamically set credentials for an API call to that connected account.
Yes, you can retrieve credentials for any connected OAuth2.0 account via API on Pipedream. Pipedream provides an API that allows you to access credentials for connected accounts, so you can dynamically set credentials for API calls. This is particularly useful if you want to build services outside of Pipedream but use Pipedream to handle authentication. To get started, see the guide for accessing credentials via API in the Pipedream documentation: - Guide for accessing credentials via API This guide will walk you through how to retrieve connected account credentials programmatically. If you need to retrieve accounts for your end users via Pipedream Connect, refer to the Connect API docs. If you have any specific requirements or run into issues, let me know!
What is the endpoint I should connect to in order to retrieve OAuth2.0 credentials?
the endpoint I was looking for is https://api.pipedream.com/v1/connect/{project_id}/accounts
What is the permission I need so that my PD_API_KEY will be able to access this endpoint? At the moment I am getting Unauthorized
Is this for your end users via Connect? Or for your own connected accounts in Pipedream? Either way you’ll need to make sure you’re using your own OAuth client for the app you’re connecting to.
But the endpoint is different based on first first question
To access the endpoint https://api.pipedream.com/v1/connect/{project_id}/accounts, you cannot use your PD_API_KEY (personal API key) for authentication. This endpoint is part of the Pipedream Connect API, which requires authentication via a Pipedream OAuth client. Required permissions: - You must authenticate with an OAuth access token obtained via a Pipedream OAuth client, not your PD_API_KEY. - The OAuth client must have access to the relevant project and Connect environment. Why you’re getting Unauthorized: - The PD_API_KEY is for the core Pipedream REST API, not for Connect endpoints. - Connect endpoints require OAuth-based authentication. What you should do: 1. Register a Pipedream OAuth client. 2. Use the OAuth flow to obtain an access token. 3. Use that access token in your Authorization: Bearer {access_token} header when calling the Connect API. Reference: See the Pipedream Connect docs for more details and the API reference. If you need more help setting up OAuth or accessing the Connect API, please let me know!
Good response ^
hey Danny, thanks for jumping in, let me read the response. Those AI bots are pretty good, eh? 
is there a way for me to retrieve those credentials without Connect? I am building a workflow that should make an API call to a 3rd party system, but I don’t know to which account. This will be determined based on a parameter I get from the webhook payload. So I need to dynamically retrieve the credentials and embed them in the API call. Is that possible?
Yes, it is possible to dynamically retrieve and use credentials without using Pipedream Connect, but you need to manage the storage and retrieval of those credentials yourself. ### How to do this in Pipedream 1. Store Credentials in a DB or Secrets Store Save the OAuth tokens or API keys for each account in a database or secrets manager (like AWS Secrets Manager, Google Secret Manager, or even a Pipedream Data Store). 2. Fetch Credentials at Runtime In your workflow, add a step that fetches the correct credentials based on the parameter from your webhook payload. 3. Pass Credentials to the API Call When configuring the step that makes the API call, select the Use external authentication option. You’ll be prompted to map the credential fields (like oauth_access_token or api_key) to the values you fetched in the previous step. #### Example Workflow Steps - Step 1: Webhook trigger receives payload with account_id - Step 2: Fetch credentials for account_id from your DB/secrets store - Step 3: Use those credentials in an API call step (using “External Auth” in the UI) #### Docs Reference - Passing external credentials at runtime - Fetch credentials from a DB or secrets store #### Important Note > When you return credentials from workflow steps, Pipedream stores it with the rest of the workflow execution data. Workflow events are retained according to the default retention policy for your plan and any data retention controls you’ve configured. > You can set the pd-nostore flag to 1 on requests with credentials to disable logging for those requests only. — Summary: You do not need to use Pipedream Connect. You can fetch credentials from any external source at runtime and pass them to your API call step using “External Auth”. This is a common pattern for multi-account workflows. If you need a code example or more details on any step, let me know!