This topic was automatically generated from Slack. You can find the original thread here.
- do you have any recommendations to handle access tokens that are short-lived, like a 10hr token for a M2M authentication?
For short-lived access tokens, you can use Pipedream’s built-in key-value store to cache the token and its expiration time. When the token expires, you can request a new one and update the cache. Here’s an example of how you can handle short-lived access tokens in a Pipedream component: ```
import { axios } from “@pipedream/platform”; export default defineComponent({ async run({ $ }) { // Check if the token is cached and still valid const cachedToken = await $.cache.get(“access_token”); const tokenExpiration = await $.cache.get(“token_expiration”); let accessToken; if (cachedToken && tokenExpiration && Date.now() < tokenExpiration) { // Use the cached token if it’s still valid accessToken = cachedToken; } else { // Request a new token and cache it with its expiration time const tokenResponse = await axios($, { method: “POST”, url: “https://your-authentication-api.com/token”, // Add any required authentication parameters here }); accessToken = tokenResponse.access_token; const expiresIn = tokenResponse.expires_in * 1000; // Convert to milliseconds const expiration = Date.now() + expiresIn; // Cache the new token and its expiration time await $.cache.set(“access_token”, accessToken, { ttl: expiresIn }); await $.cache.set(“token_expiration”, expiration, { ttl: expiresIn }); } // Use the access token in your API requests const apiResponse = await axios($, { method: “GET”, url: “https://your-api.com/some/endpoint”, headers: { Authorization: Bearer ${accessToken}, }, }); return apiResponse; }, });
what’s the specific API / service? We may support a native integration, and if we don’t, we can add it. That way we’d refresh the tokens automatically and always provide a valid token to your workflow
it’s Auth0 we need to authenticate a webhook before sending it back to our endpoint on the backend so we made a new M2M application - is that something I could use the native integration for?
I think we only get 1,000 tokens, so just want to make sure we’re using the same token and not burning through them each month 
we support the Management API: https://pipedream.com/apps/auth0-management-api . Is that the one you’re using or a different one?
So they actually charge you to generate new short-lived tokens?
- I will need to look into it, but I don’t think this would fall under the mgmt api, they have a m2m token quota:
They don’t count the validation itself but how many tokens we issue so we need to cache them.
Interesting thanks. Could you share the docs on the API you’re using to generate tokens?
Sure, this is what I’m following through Using Machine to Machine (M2M) Authorization
I am going to test and see if I can do it though the MGMT API, basically we use Auth0 to authenticate anything coming through to one of our endpoints and we’re building out a webhook to push data into our DB. But it looks like Pi’s response about using the key-value store with with an expiration time would work
Oh wait, I think you actually already do this!
it looks like this is saying to use a m2m app - I just wouldn’t use the mgmt api to update anything I would just get the authorization maybe?
yes, and this may have just been our misunderstanding of the Auth0 APIs. If that will work for your use case, maybe it makes sense for us to rename that Auth0 (M2M) or something more generic?
Gotcha - I’m investigating now and will circle back if that is what the difference is. I think the MGMT API is something you interact with after via this connection as you need to have the permission sets on the access, but not 100% sure - their docs and best practices are not always the most clear haha….
agreed
so I can get it working in an node step which is great, the connection via Auth0 and the integration, not yet - is Pi’s response accurate about using Pipedream to store the token? I imagine it can only store the token per individual Event ID or is the memory outside of a single Event possible with the cached token?
Pi’s response assumes you’re doing it yourself, but if you’re using our integration, we should expose a valid token in this.auth0.$auth (within Node.js steps). That’s populated by our backend at runtime. Do you see that token / will that work for you? Then you don’t need to worry about storing it.
Pi also hallucinated. can you rewrite the docs to use Pipedream’s data stores? Remember that you have to attach the store as a prop in the step, and use this.db.set and get. See Using Data Stores
then if you need to manage it yourself (or store other state across workflows), data stores are the way
Yes, if you’re using the Auth0 integration in Pipedream, you should have access to a valid token within Node.js steps using this.auth0.$auth. This token is managed by Pipedream’s backend, so you don’t need to worry about storing or refreshing it manually. Regarding data stores, you can use them to store and retrieve data within your workflow. To use a data store, you need to attach it as a prop in the step, and then use this.db.set and this.db.get. Here’s an example: ```
export default defineComponent({ props: { db: { type: “app”, app: “datastore”, }, }, async run({ steps, $ }) { // Set a value in the data store await this.db.set(“my_key”, “my_value”); // Get the value from the data store const value = await this.db.get(“my_key”); console.log(value); // Output: my_value }, });
That prop need to be of the form:
props: {
// Define that the "db" variable in our component is a data store
db: { type: "data_store" }
},
Can you rewrite the code to use that?