Two new types of authentication supported in the Pack SDK

When writing a Pack, Coda handles all of the authentication logic on your behalf. While this improves security for users and can make life simpler for Pack makers, it does mean that you can only connect to an API if it uses a type of authentication that Coda supports.

To help ensure more APIs are compatible with Packs, we’ve recently added two new types of authentication that you can use:


An increasingly popular variant of OAuth2, the client_credentials flow involves directly trading in a client ID and secret for a short-lived access token. Previously you could employ workarounds using Custom authentication and generating new tokens on every execution, but we’ve now added support for this form of OAuth directly in the SDK:

  type: coda.AuthenticationType.OAuth2ClientCredentials,
  // This URL comes from the API's developer documentation.
  tokenUrl: "",

You can read more about this authentication type, and how it compares to the other flows, in the OAuth2 guide.


What’s better than one header token? Two header tokens of course! And with the new MultiHeaderToken authentication type you can pass any number of tokens in HTTP headers, if your API requires it.

  type: coda.AuthenticationType.MultiHeaderToken,
  headers: [
    { name: "X-API-Key", description: "The key." },
    { name: "X-API-Secret", description: "The secret." },

If there are other forms of authentication you’d like to see supported in the Pack SDK please reach out and let us know.