Post header - SET HEADERS method

Hello, I’m Ulrich and new to thunkable and here comes my first question:

For getting data from an web api I need to place the Bearer token in the header of a POST.

Our Bearer token has a lifetime and i need to change it from time to time.
Therefore I need a method to set it and found this inside the web_Api ‘set headers’ method.

When I place the Bearer Token there I receive an 431.

When I use the same token just for trying directly inside the header within the design section it works fine.

So my question: why does the same thing in the design section work, while using the “set headers” methode inside the blocks does not?

Thank you :slight_smile:

2021-03-17_15h39_56

1 Like

Good question. Can you share the blocks you used to attempt this?

1 Like

Most of API headers are constructed as JSON which your API could have this construction too.

You are passing it as string not JSON and therefore it fails.

Thank you muneer and jared :vulcan_salute:
I’ll try with json tomorrow and mark this thread as solved if it works.

1 Like

no, sorry, I had a look. A bearer security token in the header is a string, not a json object (see RFC6750).

So i need to pass a string to the header with the set Web_API 's header to method which does not work - while passing the same string within the design part to the header works.

So my question: is the set Web_API 's header to working correct with strings as it should?

thanks :slight_smile:

1 Like

Header isn’t a string. It’s a Json object with key value pairs.


You would use object blocks with key value pairs. Turn object into a Json. Attach that as the header blocks

1 Like

You are mistaken, JSON is a formatted string by definition. Programming languages prefer to encapsulate it into an object which is a totally different subject.

Header isn’t a string.

I disagree. Bearer Header should be possible to be passed as a string. OAUTH with token in header is just one example.

google:
Example Authorization: Bearer ya29.AHES6ZRVmB7fkLtd1XTmq6mo0S1wqZZi3-Lh_s- ...
(HTTP headers and common query string parameters for JSON  |  Cloud Storage  |  Google Cloud)

RFC6750:
Example: Authorization: Bearer mF_9.B5f-4.1JqM

I tried delivering in json format and our server rejected with 431 Request Header Fields Too Large.

When sending “Authorization: Bearer mF_9.B5f-4.1JqM…” as a string within of thunkables design page it works. And in thunkables design page you may of course provide a string :wink:

Solved my issue:

Sending as object works in this case without passing string.
Problem was: the header application-type in the design page gets overwritten (of course) when you use the set Web_API’s header to method. Therefore you must provide at least both paramaters pairs: content-type + authorization.

Example for Authorization Bearer here:
2021-03-18_12h54_09

3 Likes

Yes, now it’s correct. Most of the API services uses JSON to pass parameters.

Good job.

2 Likes