Custom Auth Issues? Runs on Every API Call?

💬 App Building
1

I'm not sure if this is a bug or not, because maybe I'm missing something here with Custom Auth. But, we set up a custom auth for a resource. The custom Auth in the resource calls an API endpoint, which provides us with the Token to pass to an API call for the Resource (Bearer Authorization). It works fine. We run the Resource, it calls the custom auth, passes the token to the resource, and we can query the endpoint associated with the resource.

However, the problem is that we noticed that the Custom Auth workflow runs on every single call to the resource even after we authorize it. This doesn't seem right. The idea is that you create a Resource with a Custom Auth, and once you get the token in this case from the custom auth, why would the Custom Auth run again? BTW, the token we get from the Custom Auth expires in 24 hours, so there is no reason to be requesting this again as it has not expired.

The problem, of course, is that we face API limits on the token request used in the Custom Auth, so our apps break, because the authorization request is denied because it's being requested one every single request to resource.

What am I missing here? Or this is a bug?

2

Never mind, I now see there is an "Auth Trigger" setting at the bottom of the page which controls the custom auth. It might be better to move this up the page, as it's easy to miss and I've personally been struggling to figure this out for an hour already. I think when you Choose Custom Auth as an option, you should immediately see this Auth Trigger under the drop down box for Custom Auth.

4

Hi @ddsgadget,

Appreciate your feedback here, glad you were able to find a workaround. We've gone ahead and made some changes to the UI that should make it much more clear.

The auth trigger itself actually has always triggered the 'refresh auth' workflow, so we've updated the UI to make that more clear. We've also now updated it so that it only shows itself once the user specifies a refresh auth workflow. We're hoping this makes setup a lot more clear.

Thanks for pointing this out!