Hello,
I created the custom node called getMachines
where I will be supplying the ClientId and ClientSecret in input of the node.
And after that i will be accessing the accessToken to get the API data.
After that on the accesstoken want to fetch the machines api.
and this all process should be in one single custom node.
Please help me, how to achieve this solution.
Thanks,
Sudthakur
Nobody can help without more information than that. We can't guess the form of the token, how/where it is created, how long it is valid for, how it is renewed, what other requirements the API has, ...
Thanks for asking these question to myself also.
I want authentication through auth0 by grant_type=client_credentials, clientId and clientSecret available.
want to get first the accesstoken by the above information passing through post method.
And after getting the accesstoken want to fetch the api and get the json data.
Please help me on this, as new to this authentication things and with auth0 also.
and do please let me if more information is needed.
Thanks,
Sudthakur
Hi @Sudthakur,
To achieve that you have more than one option, and security ways.
store your keys securelly;
create the payload, headers and url as required by documentation
make de request
finaly get your access_token
in my opinion, first of all, store your secrets using env variables.
https://nodered.org/docs/user-guide/environment-variables
After that you can retrive values using function node.
https://nodered.org/docs/user-guide/writing-functions#env
OR
Use de change node to assign the env variable to required variable as API documentation
https://nodered.org/docs/user-guide/nodes#change
the next step will be request call.
set url, headers and boddy...
https://cookbook.nodered.org/http/#http-requests
if you done the above activities well, you will be able to receive your access_token in msg.payload
from here, you can make the next request using the same knowledge to get the main information from API.
Hope this helps.
Please remember that environment variables are easily picked out of memory - they are not a secure store. They can reduce exposure but they are not really a security mechanism. For that you need a secure keystore and good isolation between processes.
Having said that, they are probably good enough.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
Copyright OpenJS Foundation and Node-RED contributors. All rights reserved. The OpenJS Foundation has registered trademarks and uses trademarks. For a list of trademarks of the OpenJS Foundation, please see our Trademark Policy and Trademark List. Trademarks and logos not indicated on the list of OpenJS Foundation trademarks are trademarks™ or registered® trademarks of their respective holders. Use of them does not imply any affiliation with or endorsement by them.
The OpenJS Foundation | Terms of Use | Privacy Policy | OpenJS Foundation Bylaws | Trademark Policy | Trademark List | Cookie Policy