Custom Auth set-up using OAuth2 (Google) - URGENT HELP

After trying for weeks to fix it, I gave up. It's frustrating how Retool is making things more complicated than they would be if I were coding it through and through.

Since retool doesn't support Oauth queries in public app and doesn't let the user access the value of tokens generated in business plan, I decided to use custom auth and then set-up the workflow using OAuth2 (Google)

Well, everything seems to run perfectly (just not the way it is supposed ) without sufficient permissions.

Front end to trigger the query for custom auth (to let therapist connect their Google calendar and give the app access to edit, read and write the events on their calendar)

Query Set-up

I selected custom auth in authentication:

then set up workflow for OAuth2 (Google) custom auth

then defined the variables

there is no consent screen for calendar access despite adding the scope.

workflow ran successfully

refresh workflow has 0 steps but it still ran successfully

Can someone help me set-up custom auth for google calendar API and save token values in the database so I can request the google calendar API to create an event in therapist calendar when the client books through a publicapp (no authentication here).

Note: Therapist have a separate app where in they login and set-up their google calendar.

PS: Retool has a lot of restrictions and now that I look back on the time, I have wasted more time in building it here than I would have if I coded it all with the help of AI. A lot of simple tasks and workflows are super complicated in retool and it's frustrating when I'm caught up doing all this only to delay the launch of my start_up

@Paulo, @AbbeyHernandez and @Darren - requesting your help here.

I would appreciate any help that can be given. it's frustrating that something that's suppose to ease the life is making it difficult for me. I have reached a point to take off my entire app from retool and migrate it to some other platform because the documentation clearly sucks.

Hi @Vinyasa_Health, I'm sorry to hear about your frustration.

As you mentioned, Retool doesn't support OAuth queries in public apps. Your use case is possible with External Applications if patients are designated as external users within your organization (members of the External Users Permission Group). This way, the app wouldn’t need to be public and you’d be able to implement OAuth successfully.

It seems like you're looking for a workaround to have patients not be a part of your organization, paying only for therapists as external users. It should be no surprise that our documentation does not include how to go around our pricing model.

@Darren shared a workaround for something similar using a Workflow to store the token in a shared database. For your use case, you would need to trigger this workflow from the app, then run a query to get that token from the shared db. It may be worth a shot, but you'd have to be careful with the scope of that token.

Hi Paulo

Appreciate the response and your understanding.

Essentially these patients are not recurring users hence I want to restrict them to booking a session via the embedded retool app from my website. About the workaround Darren has shared, I tried it already but I'm unable to add the last step as resource query is throwing an error "Saving Failed: Invalid Value"

this is after successfully running and fetching the tokens.

Hey @Vinyasa_Health! Have you thought about allowing non-recurring users to authenticate using a cellphone number and a confirmation code? You could even use an email code for this. It's not as straightforward as OAuth, but it simplifies things by avoiding forgotten passwords and the added complexity of MFA! :blush:

Something to consider

1 Like

Could you share a screenshot showing this error? Happy to take a look a it.

I worked through it by creating a new resource from the beginning.

However, the workflow seems to be throwing errors despite the query running successfully. The data stored in the database is null however in the log I can see the workflow has fetched the data
Query success:


Null value stored:

Workflow set-up

I'm not sure what's going wrong.

On the startTrigger block, {{ oauth1.accessToken }} is undefined, that's probably why we are getting null. Within the editor of the WF, these are just test params. replace {{ oauth1.accessToken }} with just a string like "TEST_TOKEN". When you trigger the workflow via Webhook, you'll pass the actual token.

Try adding a response block with startTrigger.data so we can see if we are getting the token in the logs.

{{oauth1.accessToken}} is defined in the body params when triggering the workflow

Query failed. Not sure, what I am missing. Test Oauth workflow is successful but the webhook

start_trigger and response query were successful

However, query 2 failed:
Error evaluating query2: null value in column "access_token" of relation "Sucess_auth" violates not-null constraint

I think I'm calling the values incorrectly in query 2 but unsure of what's wrong :sweat_smile: @Paulo

This looks like your Resource configuration. Where are we triggering the Retool Workflow via Webhook? When we trigger the Workflow, we need to pass values for ACCESS_TOKEN, ID_TOKEN, REFRESH_TOKEN. This is the only way that startTrigger will get values for those keys, otherwise they are always null.

We are probably triggering the WF from the App. Could you show us that Resource query?

For the workaround to work, the Workflow needs to get those values so it can successfully save them in the table.

so, the body param screenshot is part of the api request set-up. -

Here is the complete resource configuration
step 1 -


step 2 -

step 3 -


step 4

Response:


this resource final_cal is linked to authlogin component inside the app and the resource is trigged once the user clicks on the auth login(connect calendar)

Could you re add the screenshot for step 2? We can't see it.

step 2, 3 and 4 -> defining exported variables each

@Paulo

Thanks for adding it! :slightly_smiling_face:

I have not found the issue yet but let's make a small change for peace of mind and then run it again.

On your WF:

Disconnect the startTrigger block from the response block. Connect "query1" to the response block so the steps are set up like: startTrigger -> query1 -> response1

Note: I edited your post above to include the missing screenshot.

The Oauth workflow test failed. I believe it's related to the way I'm referring to the variables—a wild guess. Can you check for query 2 once?


attaching the screenshot for reference - @Paulo

It looks like you are referencing them correctly.

I think I found the issue:

Look at the key value pair for REFRESH_TOKEN. Fix the quotation marks and let's try again.

Also check the quotation marks for ID_TOKEN it looks like this may have come from a copy/paste. rewrite them using " "