Auth trigger Login Test URL Failing

mawdo81 · April 17, 2023, 4:58pm

So using a custom Auth flow to connect to Xero API using OAuth2 (needs custom to get the tenant id correctly etc.).
Auth is working fine, no issues I can call a resource and get the expected response etc. However I Cannot for the life of me get the Auth trigger Login Test URL to return a positive (logged in result) even trying the same resource etc as a valid query that is returning results...

Any ideas please?

Kabirdas · April 20, 2023, 12:40am

Hey @mawdo81!

If you check the authentication status from the resource page are you able to see a request and response object?

If not, it might help to see a screenshot of your resource setup page that includes the auth trigger login test, taking a look at the working query you mentioned would be helpful as well! If you rather not post them here feel free to DM me as well!

mawdo81 · April 20, 2023, 5:55pm

request: Object
url: "https://api.xero.com/api.xro/2.0/Accounts"
method: "GET"
body: null
headers: Object

1. User-Agent: "Retool/2.0 (+https://docs.tryretool.com/docs/apis)"

2. Authorization: "---sanitized---"

3. Xero-tenant-id: "ff6bf455-89ec-4728-a554-d6040a12a27a"

4. Accept: "application/json"

5. x-datadog-trace-id: "8099149944402946082"

6. x-datadog-parent-id: "2359996095682121116"

7. x-datadog-sampling-priority: "2"

Response:

response: Object
statusCode: 401
statusText: "Unauthorized"
body: Object

1. Type: null

2. Title: "Unauthorized"

3. Status: 401

4. Detail: "AuthenticationUnsuccessful"

5. Instance: "4d527d84-2e92-4ea0-a5dc-854610150261"

6. Extensions: Object

mawdo81 · April 20, 2023, 6:01pm

Yet using https://api.xero.com/api.xro/2.0/Accounts in a resource query gives a successful response, once authenticated. So there is something fishy happening in the login test that I can't fathom.

mawdo81 · April 20, 2023, 6:13pm

mawdo81 · April 20, 2023, 6:13pm

mawdo81 · April 20, 2023, 6:13pm

Kabirdas · April 26, 2023, 12:07am

Thanks for posting such a complete view of your setup @mawdo81, it's great context!

For some further testing - if you switch the endpoint to be https://www.postman-echo.com/get it should send an unsanitized request back to you. Does the token look correct in that request? If it doesn't, would you mind posting here what you're seeing instead of the token?

mawdo81 · April 26, 2023, 7:01am

so the request looks fine to me in that Postman response. The token is as I'd expect

Kabirdas · May 2, 2023, 10:33pm

Is the behavior any different immediately after you authenticate the resource? I'm curious if an issue with the refresh flow may play a role here. Per these docs, it looks like Xero returns the auth token in the access_token property of the response as opposed to auth_token I'm wondering if the token you're seeing returned by Postman echo is an expired one Would be interested to know what a request to the Xero endpoint with that token hardcoded into it returns.

Also curious to see more info about what the successful response looks like when you make the query from your app, in case there's something in it that Retool isn't processing correctly. Would you mind sharing screenshots of the request from your browser's dev tools?

mawdo81 · May 9, 2023, 4:14pm

Grr! PEBCAK. Sorry @Kabirdas your eagle eyes are better than mine...It does appear to be access vs auth error in my setup

Kabirdas · May 9, 2023, 11:37pm

No worries! Glad that fixed the issue

victoria · August 3, 2023, 12:50am