How do I use my OAUTH token when building a query in Query Library?

I have an OAuth setup for my GraphQL resource. I want to build some queries in Query Library against that resource, but they obviously fail because there is no Authorization header. I could hardcode a temporary token for dev purposes, but I don’t want that to be saved as part of the saved query.

Hey there @bstone and welcome to the community! Just to make sure I understand your issue correctly - have you added a GraphQL resource in the /resources section, or are you querying a GraphQL endpoint directly in the Query Library? If you add a resource on the resources page, you should be able to set up OAuth and then select that resource from the dropdown in the Query Library.

Yes, I have added a GraphQL resource with the OAuth integration. I just don’t have a way of leveraging that from the Query Library. (i.e. I need to “Login”)

More specifically, I’ve created a GraphQL resource that uses the “magic placeholder” OAUTH2_TOKEN bearer token:

Now I want to use that resource in a query, but I can’t get the token to populate so my query runs correctly.

Gotcha, sorry about that @bstone. Not sure what the issue is here - let me check in with engineering and get back to you ASAP.

@bstone does this work if you in a regular Retool app (outside of the Query Library)? This auth should be happening behind the scenes if you already set it up on the resources page, i.e. you don’t need to include any headers when you’re making the actual query in the Query Library.

Thank you @justin - it is populating the OAUTH2_TOKEN, but I think it is passing the access token, and our API is expecting an id token. Can you confirm?

Hi @bstone, just to confirm, the problem is the flow works in the regular Retool editor but doesn’t in the Query Library? Or is it that the access token is incorrect? FWIW, the Oauth2 flow does replace the magic placeholder with the access token. What do you need it to do instead?

Our current APIs expects the ID token to be passed in the Authorization header, so that is the issue we are hitting. Playing with the custom auth flow now, it appears I can do my OAUTH2 flow then capture the ID_token as a variable. However, the token returned is an old token that is expired…

I was able to get this working using the Custom Auth flow to capture the ACCESS token (I was mistaken in which we needed). Here is the configuration that works well: