Bug Report: Workflow alias URLs don't support query string auth

Workflows
1

Problem

Using query string authentication (instead of header authentication) with webhook trigger alias URLs will pass a null object to the trigger step instead of the request's actual JSON data.

That's a mouthful. See below for a clearer explanation.

Example

In both of these examples I'm using query string authentication (i.e., workflowApiKey).

When using the full workflow URL, everything works as expected.

curl -X POST \
--url "https://api.retool.com/v1/workflows/<wf-id>/<step-name>?workflowApiKey=<api-key>" \
--data '{"hi":"mom"}' \
-H 'Content-Type: application/json'

Zight 2024-07-15 at 5.09.43 PM
Zight 2024-07-15 at 5.09.43 PM1994×312 65.6 KB

However, using the aliased URL with query string authentication does not work. The workflow will execute, but the trigger step will show a null data object instead of the provided JSON.

curl -X POST \
--url "https://<teamname>.retool.com/url/<alias>?workflowApiKey=<api-key>" \
--data '{"hi":"mom"}' \
-H 'Content-Type: application/json'

Zight 2024-07-15 at 5.08.43 PM
Zight 2024-07-15 at 5.08.43 PM1386×322 63.4 KB

There's a bug somewhere along the way with how the json data object gets passed when using aliases.

2

Hey Christian! :wave: Thanks for this post. I'm looking into it on my Retool cloud instance and not able to reproduce this error. :thinking:

## Without alias with workflowApiKey param
curl -X POST --url "https://api.retool.com/v1/workflows/<wf-id>/startTrigger?workflowApiKey=<api-key>" \
--data '{"hi":"mom"}' \
-H 'Content-Type: application/json'

Without alias using workflowApiKey
Without alias using workflowApiKey1888×296 25.1 KB

--

# With alis with workflowApiKey param 
curl -X POST --url "https://<teamname>.retool.com/url/aliasURL?workflowApiKey=<api-key>" \
--data '{"hi":"mom"}' \
-H 'Content-Type: application/json'

With alias using using workflowApiKey
With alias using using workflowApiKey1822×294 24.8 KB

--

Can you tell me what version of Retool are you working on? Are you able to send any more screenshots/screen recordings of this error in real time? Can you add a JS block console logging "startTrigger.data.hi" before your sqlQuery and see what the output is? What do the run logs look like? Below are mine.

Screenshot 2024-07-23 at 10.25.32 AM
Screenshot 2024-07-23 at 10.25.32 AM3442×1950 455 KB

--

Would love to help you get to the bottom of this. Just need a bit more information since I'm not seeing that issue on my end yet. :+1: