Skip to main content

Get Support
Have a question? Let's get you an answer!

How Do I...? Troubleshooting Code & Webhooks Developer Zone

Other Help Resources
Wait, there's more! Check out these Community sourced spaces for additional resources.

Zapier Help Center Hire an Expert

Learning Resources
All of our best learning resources can be found here.

Featured Articles Show & Tell Zapier's products AI Hub Zapier Tools Hub

Share your knowledge
Give back to the Community by sharing your automation wins and helping to answer questions.

Share your success See unanswered questions User Groups

Other Learning Resources
Some of our favorite additional ways to upskill your Zapier knowledge.

Zapier Learn Zapier Blog Zapier Webinars

Product Updates
Check out what is new and upcoming with Zapier with our regular product updates.

Product Updates

Early Access Program
Want to join Early Access? Learn more here.

So we have a session based auth, that needs to refresh a token (much like OAuth, but it’s not an OAuth flow).  Authentication works fine, and my assumption was that the authentication function would also be called when a 401 is raised from any creates or triggers (which we can handle), and the call would be tried again.  In standing up a test, it doesn’t appear it does.  The middleware beforeRequest gets called, throwForStatus throws a RefreshAuthError as expected, but the Zapier stack does not call our authorize function.  Even with skipThrowForStatus = true set on the request, the afterResponse never gets called as the RefreshAuthError isn’t caught.  Struggling to understand how are we supposed to refresh given this scenario?

As a side note, we’re converting from a Legacy Web app that uses session auth.  In that, per Zapier scripting documentation, the get_session_info auth function “will be called when your API returns a 401 or when you raise an InvalidSessionException .”  So the expectation converting to CLI was that this would work similarly (namely session auth, 401 → auth is called).  There’s plenty of CLI documentation for OAuth refresh (setting auto refresh to true, explicit token refresh function), but but not obvious here how we can handle our scenario of a refresh in the context of a session auth.

Ok so looks it actual IS working fine in Zapier.  It’s just that Zapier’s testing app (zapier.createAppTester(App)) doesn’t perform this behavior.  I expected it to because the middleware is in the testing app, but ok.  

 

If it helps others:  if you want to simulate re-auth flows in test locally, I suppose you have to craft the behavior yourself: return 401, catch the RefreshAuthError, and then run through re-auth yourself.

Terms & Conditions