Skip to main content
Best answer

Forcing a refresh for session token

  • June 1, 2021
  • 1 reply
  • 749 views

We are currently doing the following for getSessionKey and includeSessionKeyHeader:

const getSessionKey = async (z, bundle) => {
    const response = await z.request({
        url: `${process.env.BASE_URL}/rest/auth`,
        method: 'POST',
        headers: {
            'Accept': 'application/json',
            'Content-Type': 'application/x-www-form-urlencoded',
        },
        body: {
            loginname: bundle.authData.loginname,
            passwd: bundle.authData.passwd,
            appkey: bundle.authData.appkey,
        },
    });

    return {
        jwt: response.data.jwt,
    };
};

const includeSessionKeyHeader = (request, z, bundle) => {
    if (bundle.authData.jwt) {
        request.headers = request.headers || {};
        request.headers['Authorization'] = `Bearer ${bundle.authData.jwt}`;
        request.headers['ignite-appkey'] = bundle.authData.appkey;
    }
    return request;
};

This is working as expected after signing in and making calls to our API. The issue is after 12 hours our API expires the JWT. The JWT never seems to get refreshed. What is the best method for forcing getSessionKey to be called before each Task/Create is triggered? Is there a method for forcing the session to get refreshed?

Best answer by ZaneBest answer by Zane

Have you checked out https://zapier.github.io/zapier-platform/#stale-authentication-credentials, and was it helpful? Does your API return a 401 when the token needs refreshing? If not you’ll need to handle the condition by catching it and throwing a refresh auth error `throw new z.errors.RefreshAuthError();`

View original
Did this topic help you find an answer to your question?
This post has been closed for comments. Please create a new post if you need help or have a question about this topic.

1 reply

Forum|alt.badge.img+9
  • Zapier Staff
  • 331 replies
  • Answer
  • June 7, 2021

Have you checked out https://zapier.github.io/zapier-platform/#stale-authentication-credentials, and was it helpful? Does your API return a 401 when the token needs refreshing? If not you’ll need to handle the condition by catching it and throwing a refresh auth error `throw new z.errors.RefreshAuthError();`