I'm just starting to explore OAuth connections within my apps and running into some issues.
My goal is to allow users of a public app to OAuth to Google, then run a query to get a report from the YouTube Analytics API about the connected channel.
I was able to successfully connect using Retool's Authenticate with Google APIs using OAuth 2.0 instructions, but I'm running into issues when trying to pass dynamic values to the request so that the time period is based on the timing of the user's OAuth connection. Not sure if it's because I'm doing something incorrectly or what I'm trying to do is just not possible with Retool.
Here's what I've got so far:
Using hardcoded key values for startDate and endDate when editing the resource seems to work fine
Attempting to run the query from the app interface using double bracket variables doesn't work. The API request seems to be running from the original resource and doesn't update from any URL changes I make. In the below screenshot, I'm trying to update the endDate to be today's date, but the request after running the query reverts to the original hard coded date
I then tried to edit the resource to have the double bracket variable instead (which seems to work based on the linting), but when running that, it doesn't actually transform the value before the request
well, that's odd. just to rule things out, does using {{ moment().format('YYYY-MM-DD') }}
and {{ moment().subtract(30, 'days').format('YYYY-MM-DD') }}
produce the same results?
We have a feature request in our backlog for allowing custom Javascript or dynamic variables in resource configurations. I'll post here if that becomes prioritized.
Custom auth does have an option for adding Javascript steps though. You could try recreating the Oauth2 flow in custom auth and add a Javascript step + a custom defined variable.
Do you need the values hardcoded in the resource config? If not, you could remove them from the resource and set them dynamically on the app query
One note with your use case is that resources that per-user authentication (e.g., Google Sheets, OAuth, custom auth, etc) prevent apps from being shared publicly.
Custom auth does have an option for adding Javascript steps though. You could try recreating the Oauth2 flow in custom auth and add a Javascript step + a custom defined variable.
I attempted this, but I'm getting the following error:
One note with your use case is that resources that per-user authentication (e.g., Google Sheets, OAuth, custom auth, etc) prevent apps from being shared publicly.
That's unfortunate, as the app being semi-public (i.e., a specific user can access their specific state/instance of the app) is a necessity for my use case. Is there any workaround where I could pass that oauth'd data to my database resource?
For the variables, you'd want to add a Javascript step first, to process the date JS, then pass that JS result to a variable.
It looks like the API request at the end should be filled in on the resource level, rather than in the Custom Auth section
Are there specific scopes you need to list? The OAuth2 Generic option has a field for scopes.
As long as the user is logged in to Retool when they use the app, they should be able to access the authenticated resource (assuming they have permission)
It looks like the API request at the end should be filled in on the resource level, rather than in the Custom Auth section
If this is the case, then based on this...
We have a feature request in our backlog for allowing custom Javascript or dynamic variables in resource configurations. I'll post here if that becomes prioritized.
It seems like I won't be able to dynamically change the date, is that correct?
Anyway, without the Javascript, when testing the flow, once I authorize, I get directed to "https://oauth.retool.com/oauth/redirectToIdp" that just says "Found. Redirecting to". Am I missing something else from there?
If you are looking to pass those JS dates to the headers, that should work with this setup
This very simplified version of your latest example is working on my side
Then, any app requests to any endpoints of:
Would have those dates in the headers.
I am moving this over to the feature requests category since we're still waiting for internal updates on custom js variables in resource configs or custom libraries in custom auth
We have a feature request for this in our backlog
Are you passing the auth token to the base url headers?
