Build auth using 'Bearer Token' authorization

Hi @jkirkwood001 ,

Thanks for sharing those super helpful details!

Taking a look, one that stands out to me is that the endpoint/url in your screenshot is a bit different than the one shared by Galaxy Digital in their example code. 

Galaxy Digital’s code seems to refer to these docs:

http://api.galaxydigital.com/docs/#/Login/login

They appear to be using the following endpoint to authenticate:

https://api.galaxydigital.com/api/users/login

It’s also worth noting that their parameters are a bit different than those in your screenshot: user_email, user_password, and key

Based on those docs, I agree that Session authentication sounds like a good fit. 

If you haven’t already done so, it might help to check out the following resource, which walks through how Session auth works and how to set it up:

• Session Auth

Overall, I might suggest trying this:

1. Switch your integration’s Authentication to Session
2. Create Authentication Fields to capture user_email, user_password, and key
3. Plug https://api.galaxydigital.com/api/users/login as the Token Exchange Endpoint 
4. Click Show Options to make sure the Authentication Fields are included in the request body

Hope this points you in the right direction!

Hi @jkirkwood001 ,

Thanks for giving that a shot!

Comparing the screenshots to the docs…

http://api.galaxydigital.com/docs

...I have a few suggestions that I hope will help.

In the setting pictured below, let’s try making the following changes:

• Switch PUT to POST
• Remove the URL and replace it with: https://api.galaxydigital.com/api/users/login

In the settings below, let’s:

• Switch username TO user_email
• Switch userpassword TO user_password
• Add another field with the combo: key / {{bundle.authData.api_key}}

And let’s remove Authorization from the URL params:

Below, in the test request config, let’s:

• Replace the URL with the following: https://api.galaxydigital.com/api/users
• Remove the current URL Params and HTTP headers
• Click the HTTP Headers tab and add the combo: Authorization / Bearer {{bundle.authData.token}}

Then let’s try testing the auth again. 

If that does not help, please feel free to reach out to our team and we’ll be glad to take a closer look at the integration: https://developer.zapier.com/contact

...and it keeps saying “This account is expired.” so I’m re-entering my credentials each time. Why does it think I’m ‘Anonymous’?

authentication failed: What happened (You are seeing this because you are an admin): Starting GET request to https://api.galaxydigital.com/api/users Received 401 code from https://api.galaxydigital.com/api/users after 56ms Received content "{"message":"Unauthenticated."}" Console logs: Stack trace: RefreshAuthError at throwForStaleAuth (/var/task/node_modules/zapier-platform-core/src/http-middlewares/after/throw-for-stale-auth.js:10:11) at Object.<anonymous> (/var/task/node_modules/zapier-platform-core/src/middleware.js:80:37) at bound (node:domain:433:15) at Object.runBound (node:domain:444:12) at Object.tryCatcher (/var/task/node_modules/bluebird/js/release/util.js:16:23) at Promise._settlePromiseFromHandler (/var/task/node_modules/bluebird/js/release/promise.js:547:31) at Promise._settlePromise (/var/task/node_modules/bluebird/js/release/promise.js:604:18) at Promise._settlePromise0 (/var/task/node_modules/bluebird/js/release/promise.js:649:10) at Promise._settlePromises (/var/task/node_modules/bluebird/js/release/promise.js:729:18) at _drainQueueStep (/var/task/node_modules/bluebird/js/release/async.js:93:12) at _drainQueue (/var/task/node_modules/bluebird/js/release/async.js:86:9) at Async._drainQueues (/var/task/node_modules/bluebird/js/release/async.js:102:5) at Immediate.Async.drainQueues [as _onImmediate] (/var/task/node_modules/bluebird/js/release/async.js:15:14) at processImmediate (node:internal/timers:466:21) at process.topLevelDomainCallback (node:domain:161:15) at process.callbackTrampoline (node:internal/async_hooks:128:24)

Changed these Labels to be in sync:

Now I get this different (progressing?) error - it’s still suggests I’m logging in as ‘Anonymous’ 🤷🏻:

authentication failed: The app returned "The given data was invalid.". What happened (You are seeing this because you are an admin): Stack trace: ResponseError: {"status":422,"headers":{"content-type":"application/json","retry-after":null},"content":"{\"message\":\"The given data was invalid.\",\"errors\":{\"key\":[\"The key field is required.\"]}}","request":{"url":"https://api.galaxydigital.com/api/users/login"}} at _throwForStatus (/var/task/node_modules/zapier-platform-core/src/http-middlewares/after/prepare-response.js:13:11) at Object.outResp.throwForStatus (/var/task/node_modules/zapier-platform-core/src/http-middlewares/after/prepare-response.js:68:5) at throwForStatusMiddleware (/var/task/node_modules/zapier-platform-core/src/http-middlewares/after/throw-for-status.js:5:14) at Object.<anonymous> (/var/task/node_modules/zapier-platform-core/src/middleware.js:80:37) From previous event: at /var/task/node_modules/zapier-platform-core/src/middleware.js:77:26 at Array.reduce (<anonymous>) at afterMiddleware (/var/task/node_modules/zapier-platform-core/src/middleware.js:76:21) at Object.<anonymous> (/var/task/node_modules/zapier-platform-core/src/middleware.js:94:18) From previous event: at Object.<anonymous> (/var/task/node_modules/zapier-platform-core/src/middleware.js:92:10) From previous event: at /var/task/node_modules/zapier-platform-core/src/middleware.js:89:45 at /var/task/node_modules/zapier-platform-core/src/tools/create-lambda-handler.js:212:18 at bound (node:domain:433:15) at runBound (node:domain:444:12) at processImmediate (node:internal/timers:466:21) at process.topLevelDomainCallback (node:domain:161:15) at process.callbackTrampoline (node:internal/async_hooks:128:24) From previous event: at Domain.<anonymous> (/var/task/node_modules/zapier-platform-core/src/tools/create-lambda-handler.js:196:10) at Domain.run (node:domain:389:15) at Runtime.handler (/var/task/node_modules/zapier-platform-core/src/tools/create-lambda-handler.js:192:19) at Runtime.handleOnceNonStreaming (file:///var/runtime/index.mjs:1086:29)

Hi @jkirkwood001 ,

Yes, feel free to delete those failed connections. 

Regarding the error, it appears that Galaxy Digital’s API expects the API key property to be named key.

Can you please try renaming that property in the token exchange request to key (instead of api_key)?

Hi @jkirkwood001 , 

I see that the key of the API key field was changed, so it looks like the API key was left out of the request. 

In the token exchange request, on the right, can you please change {{bundle.authData.api_key}} to {{bundle.authData.key}}?

That should make sure the API key entered in the “API key” field gets passed as the key property in the request.

For a bit of context, cURL is another way you could make an HTTP request, like Zapier is doing. However, cURL is a command-line tool that you’d typically use locally on your computer. API documentation often uses cURL as a shorthand example. For our purposes, the cURL example is helpful because it shows the URL and properties we need to use in the request, but Zapier can’t run cURL directly. So we’re essentially translating the cURL example into the format Zapier uses.

Hey @jkirkwood001 ,

From the error, it looks like the endpoint might have changed. 

I recall Galaxy Digital shared the following endpoint url:

https://api.galaxydigital.com/api/users/login

Is that, instead of the volunteerapi.com… endpoint also hitting an error?