API URL changes automatically

  • codenitrr

    1 month ago

    Hello. I'm having some problems sending a REST API request. In terms of authentication, the API works as follows: GET URL: https://{api_key}:{api_secret}@{cluster_url}/{shop_language}/{resource}.json

    If I enter these values and put them in toddle's URL box. Then it automatically removes the values before @.

    So example (fake data) with this request:
    https://e80d99sfgsf8adfadfadcb7sfg409a:ea624fc02226adfadf22222c1c032f09a@api.webshopapp.com/de/checkouts/123455.json

    the request is eventually made to

    https://api.webshopapp.com/de/checkouts/123455.json

    I don't know if I'm doing something wrong or if this is a bug. I also tried encoding the url, but this too was unsuccessful. I suspect it has something to do with the @ sign for api.webshopapp.com
  • Kedde

    1 month ago

    Hi codenitrr. Ill take a look at what is happening.
    πŸ™Œ1
  • codenitrr

    1 month ago

    Wow, i see Discord reacts the same, all my url's automatically removed the part before @. this should be the request: https:// e80dgsf91cf8adfadfasf409a:ea624fc0996gf9d46bc1fg2f09a @ api.webshopapp.com/ (fake data)
  • Kedde

    1 month ago

    The reason is most likely that its because the part before the @ is the credentials for a basic authentication.
  • Kedde

    1 month ago

    When trying to use this pattern in Chrome I also get an error. Would it work to put the credentials in a Authorization header?
  • /attachments/1315973944024760360/1315978279513096233/Screenshot_2024-12-10_at_10.44.13.png

    Kedde

    1 month ago

    Docs on the Authorization header can be found [here](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Authorization#basic_authentication)

    An example of a formula for that header could look like following (user/pass base64 encoded)
    Screenshot_2024-12-10_at_10.44.13.png
  • codenitrr

    1 month ago

    I am trying that now, so far without success. Thanks for your help, appreciated!
  • Tod

    1 month ago

    Great energy @! Your continuous contribution to the toddle Community just made you advance to Community Level 1!
  • Kedde

    1 month ago

    Maybe the the api youre trying to call can give you some clues into how they expect authorization to work as well. 🀞
  • codenitrr

    1 month ago

    Unfortunately that doesn't work, in postman they have an example collection and there the api keys are also in front of the url with an @ instead of in a header. It works there
  • Screenshot_2024-12-10_at_10.54.49.png
  • Kedde

    1 month ago

    Hmm. Let me find out if we should allow our proxy to support this. I will get back to you asap πŸ™‚
  • codenitrr

    1 month ago

    Yes! Thanks. If it's not, I'll make a workaround to a private server which is also no problem, but makes it take a few ms longer. Thanks for your help so far! πŸ™Œ
  • Kedde

    1 month ago

    Hey again. I havent had success in properly recreating but I suspect its because the urls you provided are not the right ones. πŸ™‚ But I did notice that it seems like our proxy does support the pattern but that when pasting the url it parses the credentials away. Could you try to add the credentials manually after. So once the API is created you just paste the [api_key]:[api_secret] into the url field in the api? And make sure "proxy request" is enabled in the Advanced tab. It should stay there that time and passed correctly to our proxy (although it doesnt appear to from the response). Does that work? 🀞
  • /attachments/1315973944024760360/1316013656927895643/Screenshot_2024-12-10_at_13.06.14.png

    codenitrr

    1 month ago

    I just tried. When I do that, it loads fairly long and I suddenly get a login screen
    Screenshot_2024-12-10_at_13.06.14.png
  • Kedde

    1 month ago

    Yeah it was the same I saw. The server responds with a 401 and a header telling us to authorize using Basic authentication :/ Ill try to see if I can get a test of this up and running to I can replicate it.
  • codenitrr

    1 month ago

    I made a workaround for myself, so if this is a way how Toddle doesn't want to work, that's no problem for me otherwise!

Stop scrolling. Start building.

toddle is a visual web app builder that rivals custom code β€” but accessible to your entire team!

Try toddle β€” it's free!

Β© Copyright 2024 toddle. All rights reserved.