Hello,
I’m trying to acquire refresh_token to initiate a npm package. Do you know if such ability could be achieved?
Hi @ralphilius - Welcome to the Coda Community! Packs can use OAuth2 (see here), but it may not be compatible with your NPM package for a few reasons:
-
Many NPM packages have dependencies on Node- or web-specific APIs that aren’t available in the Packs runtime (read more here).
-
All network traffic in a Pack must go through our custom Fetcher interface, which NPM packages wouldn’t be aware of.
-
Authentication credentials (access tokens, refresh tokens, etc) in a Pack are kept isolated from the code. Instead they are automatically injected into the outgoing request as it is being sent. This means you can’t directly access the refresh token and pass it into a library.
In most cases your best bet is to skip the NPM package, use our standard authentication mechanism, and hand-write the HTTP requests yourself. Let me know if that makes sense.
I understand your point of view. The NPM library is the easiest way and comprehensive way for integrating with some services. Ofc we can do hand-write API request, but it would take lots of time to handle edge cases as well (which should be handled by the library). Would you consider exposing those tokens as environment variables instead?
Btw, would it be possible for me to add custom settings that users could enter manually?
Unfortunately we can’t expose the refresh tokens to user-written code, since the values could then be extracted and used in ways the user hasn’t intended. As mentioned, even if we had that feature the NPM library wouldn’t work since it wouldn’t know to use out custom Fetcher interface.
Regarding custom settings, what sort of settings would you add? At which level (user, account, doc, etc)?