Skip to main content

I’m trying to create an integration so that our external partner can add users to the system from a form without having access to our backend.

 

I have created a couple actions using the Zapier platform which all work fine for creating new objects, except I’m having an issue with one of our API requests.

 

const options = {
url: 'https://hidden.url',
method: 'POST',
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': '*/*',
'AUTHORIZATION': bundle.authData.Authorization,
'Connection': 'keep-alive',
'Accept-Encoding': 'gzip, deflate, br'

},
params: {
'Authorization ': bundle.authData.Authorization
},
body: {
'firstname': bundle.inputData.firstname,
'surname': bundle.inputData.surname,
'email': bundle.inputData.email,
'account': bundle.inputData.account,
'plainPasswordsfirst]': bundle.inputData.plainPassword,
'plainPasswordssecond]': bundle.inputData.plainPassword
}
}

return z.request(options)
.then((response) => {
response.throwForStatus();
const results = response.json;

// You can do any parsing you need for results here before returning them

return results;
});

 

You can see in this code snippet for the API configuration in the body I have plainPasswordafirst] and plainPasswordasecond], both of these body items need to match so I uses the same input plainPassword.

 

However on testing the request it is consistently reporting back with failed due to 401 error “JWT token expired”, even though I know that the same authorization details are working fine for all other requests.

 

It would be great to get some suggestions on next steps I can take on trying to solve this issue.

Hi @RMediaHQ!👋

I have created a couple actions using the Zapier platform which all work fine for creating new objects, except I’m having an issue with one of our API requests.

However on testing the request it is consistently reporting back with failed due to 401 error “JWT token expired”, even though I know that the same authorization details are working fine for all other requests.

One thing I notice is that the authentication token is being sent in two places; in a request header t1] and also as a request parameter a2]:

a156b9a2968d68be868ddd378d22300d.png

Does the API require the token to be sent in both places? I’d recommend checking the API documentation to confirm and then ensure your integration only sends the token where required. I don’t think this is likely to have an impact on the error you’re seeing but it’s definitely something to check 👍

Token expiry

Circling back to the error message itself; an HTTP 401 JWT token expired error indicates that the authentication token being used has expired. In other words, the token can only be used for a limited amount of time before it expires.

If you’re 100% sure that all the actions in your Zapier integration are using the same settings to pass the authentication token in requests, I think we can be confident in the error message, i.e. the authentication tokens are expiring after a period of time.

Which authentication scheme does the API use? The first step is to make sure that your integration uses the correct authentication scheme — one that is supported by the API you’re using. Zapier integrations have built-in support for the most common authentication schemes: https://platform.zapier.com/docs/auth#zapier-supported-authentication-schemes

Refreshing tokens automatically?

If the API uses OAuth 2 and has support for refreshing authentication tokens, you can configure your integration to refresh tokens automatically when the API returns an HTTP 401 status code, as per the details here: https://platform.zapier.com/docs/oauth#add-access-token-request-and-refresh-token-request-urls

Alternatively, if you’re building your integration using the CLI (rather than the Visual Builder “UI”), you can implement an automated token refresh via refreshAccessToken, as per the details here: https://github.com/zapier/zapier-platform/blob/master/packages/cli/README.md#oauth2

Manual reconnection

If the API can only issue authentication tokens that expire and doesn’t support token refresh, app connections created by your app integration would need to be manually reconnected by users: https://help.zapier.com/hc/en-us/articles/8496290788109#4-reconnect-your-app-accounts-0-3

I hope this helps get you moving forward! If it doesn’t, please could you confirm:

  1. Which authentication scheme the API uses
  2. Which authentication scheme you’re using in your Zapier integration

And, ideally, also post a link to the documentation for this API?


Reply