Authenticating endpoints

Authenticating endpoints is a secure way to run workflows as admin of the app. Workflows will not get initiated if they are not authenticated.

Method 1: Include the Authorization header in the call.

a) Generate a token in settings

b) Include the header 'Authorization' in your call. Use 'Bearer' + TOKEN as the value.

Method 2: URL parameter

If you are working with 3rd party API's and you are not able to add Custom header, include 'api_token' parameter in the URL when making the call.

POST: https://app.bubbleapps.io/version-[env]/api/1.1/wf/create?api_token=TOKEN

Method 3: Act on behalf of a API User

a) Create API endpoint that contains Log in action as a workflow (Have user created within your app or you can have a signup workflow before login action to create a new user)

Setting the field “Stay logged in” to ‘yes’ will give you token valid 365 days.
Setting the field “Stay logged in” to ‘no’ will give you token valid 24 hours.

b) Initiate the endpoint via Postman or API connector. The response of the api will look like this:

{
"status": "success",
"response": {
"token": "1646485307119x480839771339487600", // API TOKEN Generated
"user_id": "1646485006806x789796348942187500",
"expires": 31536000 // valid 365 days
}
}

In the response, you will get an API Token (valid 365 days) that will allow you to create an endpoint with the 'require authentication' option set to run the workflow, but all subsequent actions will have access to the data as that User and Privacy Rules set to that User (e.g. you can set a special Privacy Role set to that only API User, etc.)

c) see Method 1 or Method 2 to authenticate the endpoint.

PreviousSecurity & Privacy NextTransactional Email

Last updated 2 years ago