About Zapier Community
New to our Community? Get to know more about our space and how to make the most of your time here.

Code of Conduct Community FAQ's Zapier Common Questions What to Expect

Get Started With Zapier
New to Zapier? We have got you covered with our Zapier 101 Resources.

Zapier Essentials

Get Support
Have a question? Let's get you an answer!

How Do I...? Troubleshooting Code & Webhooks Developer Zone

Other Help Resources
Wait, there's more! Check out these Community sourced spaces for additional resources.

Zapier Help Center Hire an Expert

Zapier Products
Learn more about Zapier's new products.

Zapier Tables Zapier Interfaces

Zapier Reading
All of our best learning resources can be found here.

Featured Articles Show & Tell AI Hub Zapier Tools Hub

Learning Groups
Excited to meet other builders? Check out our interest areas full of doers, dreamers, and in-betweeners.

User Groups

Other Learning Resources
Some of our favorite additional ways to upskill your Zapier knowledge.

Zapier Learn Zapier Blog Zapier Webinars

Product Updates
Check out what is new and upcoming with Zapier with our regular product updates.

Product Updates

Early Access Program
Want to join Early Access? Learn more here.

Question

Need Help with Verifying API Key and Passing Webhook Data in Custom Zapier App

  • 23 February 2024
  • 1 reply
  • 30 views
T

Hello Zapier Community!

I'm currently working on a custom Zapier app that involves an Instant Trigger webhook. My main goal is to verify an API key received in the webhook's headers.Authorization against a user-provided API key during the Zap setup. If the keys match, I then want to pass the incoming webhook data to subsequent steps in the Zap.

Here's a brief overview of what I've tried:

  1. I set up an input field for the API key in the app's configuration.
  2. In the perform function of my trigger, I attempted to verify the API key from the Authorization header against the user-provided API key.
  3. If the verification is successful, I want to return the body of the webhook to be used in the next steps of the Zap.

However, I'm encountering issues with verifying the API key and properly returning the webhook data. Here's the basic structure of my perform function:

const perform = (z, bundle) => {
    const expectedApiKey = bundle.inputData.api_key;
    const receivedApiKey = bundle.request.headers['Authorization'].replace('Bearer ', '');

    if (expectedApiKey !== receivedApiKey) {
        throw new Error('Invalid API Key.');
    }

    // Assuming the webhook data is in bundle.cleanedRequest
    const webhookData = bundle.cleanedRequest;
    return webhookData;
};

 

I'm not sure if I'm accessing the headers correctly or if there's a better way to compare the API keys. Also, I'm uncertain about the best way to pass the verified webhook data to the next steps.

Could anyone offer guidance on how to properly verify the API key and ensure the webhook data is passed along correctly in a custom Zapier app? Any advice, code snippets, or resources would be greatly appreciated.

Thank you in advance for your help!

1 reply

T 
Here is the solution:

 

const expectedApiKey = bundle.inputData.api_key;
const receivedApiKey = bundle.rawRequest.headers['Http-Authorization'];
    if (expectedApiKey !== receivedApiKey) {
        throw new Error('Invalid API Key.');
    }
return [bundle.cleanedRequest];

 

Reply


Terms & Conditions