Skip to main content

Get Support
Have a question? Let's get you an answer!

How Do I...? Troubleshooting Code & Webhooks Developer Zone

Other Help Resources
Wait, there's more! Check out these Community sourced spaces for additional resources.

Zapier Help Center Hire an Expert

Learning Resources
All of our best learning resources can be found here.

Featured Articles Show & Tell Zapier's products AI Hub Zapier Tools Hub

Share your knowledge
Give back to the Community by sharing your automation wins and helping to answer questions.

Share your success See unanswered questions User Groups

Other Learning Resources
Some of our favorite additional ways to upskill your Zapier knowledge.

Zapier Learn Zapier Blog Zapier Webinars

Product Updates
Check out what is new and upcoming with Zapier with our regular product updates.

Product Updates

Early Access Program
Want to join Early Access? Learn more here.

Question

API keys in Code by Zapier

  • May 8, 2024
  • 3 replies
  • 529 views
T

I’m using Code by Zapier to connect with an API that isn’t explicitly integrated with Zapier.  I make a JavaScript call to the API, but the problem is that doing it this way leaves the API key stored in plain text in the zap.  Is this not the intended use of Code by Zapier?  Is there a workaround or some other step that I’ve missed in order to secure the authentication for the other API?

 

Thanks!

This post has been closed for comments. Please create a new post if you need help or have a question about this topic.

3 replies

Troy Tessalone
Zapier Orchestrator & Solution Partner
Forum|alt.badge.img+14
  • Troy TessaloneZapier Orchestrator & Solution Partner
  • Zapier Orchestrator & Solution Partner
  • May 8, 2024

Hi @TalosTheDigiton 

The Webhooks app can also be used to make API requests and handle authentication: https://zapier.com/apps/webhook/help

 

Security and Compliance at Zapier: https://help.zapier.com/hc/en-us/articles/8496181993613-Security-and-Compliance

⚡ Troy Tessalone - AutomationAce.com | Platinum Authorized Zapier Solution Partner | #1 Zapier Community Contributor
T

Thanks @Troy Tessalone.  The Webhooks app seems particularly useful for some use cases.  I do see where I can add the API key to the headers, but again, it isn’t evident to me that this information will be encrypted like passwords.  I assume that the headers of the Webhooks zap will be stored somewhere in Zapier’s system in plain text.  The security and compliance article you linked also implies that it might be visible through the “comprehensive” logs as well.  I’m happy to have my understanding corrected, but I’m concerned about leaving an API key or similar information in plain text like this.

Troy Tessalone
Zapier Orchestrator & Solution Partner
Forum|alt.badge.img+14
  • Troy TessaloneZapier Orchestrator & Solution Partner
  • Zapier Orchestrator & Solution Partner
  • May 9, 2024

@TalosTheDigiton 

You can try opening a ticket with Zapier Support to get a more official response.


In the Zap Runs > Logs, sensitive data will show was “censored”.

 

⚡ Troy Tessalone - AutomationAce.com | Platinum Authorized Zapier Solution Partner | #1 Zapier Community Contributor
Terms & ConditionsAccessibility statement