This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Help

Re: No code/low code way to integrate with third party API that uses basic authentication?

2018 0
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Tushar_Sheth
5 - Automation Enthusiast
5 - Automation Enthusiast
See Solution in Thread

‎Dec 02, 2020 10:48 AM

I am using Airtable as the backend for my hiring assessment app (a cybersecurity hiring test). As I understand it, Airtable’s API uses bearer authentication.

I’m trying to integrate my app with Greenhouse.io, an applicant tracking system. Greenhouse’s API uses basic authentication.

The way it works is this:

  1. Our customer, which uses Greenhouse to manage its hiring process, gets a list of tests (assessments) from us with a GET call.
  2. Customer chooses which test they’d like a particular candidate to take, and gives us the details with a POST call.
  3. We send the test to the candidate.
  4. We let the customer know when the assessment is complete with a PATCH call.
  5. Customer gets the assessment results from us using a GET call.

Is there a no code/low code way for me to integrate with the Greenhouse API even though they use a different authentication method?

0 Kudos
Reply
20 Replies 20
Bill_French
17 - Neptune
17 - Neptune
See Solution in Thread

‎Dec 02, 2020 11:14 AM

The security protocols used by each service are irrelevant in the context of the solution. Each is an independent API “conversation”.

I assume this is a POST to the Airtable API, right?

In your five steps, you make it sound like your system already does this. Is this not the case?

Reply
Tushar_Sheth
5 - Automation Enthusiast
5 - Automation Enthusiast
In response to Bill_French
See Solution in Thread

‎Dec 02, 2020 11:36 AM

Thanks for the quick engagement.

From Greenhouse: “We authenticate differently than Airtable, so we won’t be able to use Airtable’s APIs.”

That is what we’d like to occur. But Greenhouse’s response indicates it’s not possible. Any suggestions on workarounds?

The 5 steps are what we want to happen. But Greenhouse seems to indicate not possible in current state. Or am I just not understanding their response above (which is possible, since I’m totally learning as I go)?

0 Kudos
Reply
Tushar_Sheth
5 - Automation Enthusiast
5 - Automation Enthusiast
In response to Tushar_Sheth
See Solution in Thread

‎Dec 02, 2020 11:39 AM

To clarify: by “what we want to happen”, I mean that I’m trying to conform to how Greenhouse’s assessments API is setup to work.

0 Kudos
Reply
Tushar_Sheth
5 - Automation Enthusiast
5 - Automation Enthusiast
In response to Tushar_Sheth
See Solution in Thread

‎Dec 02, 2020 11:55 AM

@Bill.French here’s relevant info from Greenhouse’s assessment API documentation:

Every request Greenhouse sends to a Assessment Partner’s API will utilize HTTP Basic Authentication over HTTPS. As such, we require each of the API endpoints to use HTTPS.

When an organization decides to utilize a Assessment Partner’s integration, they will provide their Greenhouse Account Manager with their API key for that Assessment Partner.

Greenhouse will then make all requests for the organization using that API key as the username in Basic Authentication. Greenhouse will append a : (colon) to the API token and then Base64 encode the resulting string.

Upon receiving a request, the Assessment Partner should inspect the API key to determine whether the request should be permitted and which data should be returned.

Example Situation

0 Kudos
Reply
Bill_French
17 - Neptune
17 - Neptune
See Solution in Thread

‎Dec 02, 2020 12:01 PM

Correct - this is the case if you hope to use their webhooks to push data into Airtable.

There are some useful nuances to grasp in this learning moment -

  1. Greenhouse is offering a very limited authentication capability; Airtable is as well.
  2. Airtable offers no webhook service to listen for POSTs so even if Greenhouse could send data using Bearer authentication, there are no endpoints in Airtable that you could provide to them.
  3. Both vendors have weak or adolescent platforms in terms of integration architectures.
  4. Greenhouse could/should offer Bearer authentication by allowing its users to click a checkbox; it’s literally a single word in the API configuration to make it possible.

Indeed, it is not possible without a little glue. But Greenhouse should be more positive about how to overcome their own limitations. And certainly, Airtable should offer inbound webhooks that support both Basic and Bearer authentication.

There’s at least one alternative approach - create a proxy webhook service that listens for data (and requests) being sent from Greenhouse and pushes it on to Airtable (or retrieves it) using its API authenticated with Bearer credentials. I build these all the time for clients.

Another approach may be possible using webhooks in Zapier or Integromat to act as the bridge to and from Airtable.

How important is this automated process for your company?

Reply
Tushar_Sheth
5 - Automation Enthusiast
5 - Automation Enthusiast
In response to Bill_French
See Solution in Thread

‎Dec 02, 2020 12:20 PM

Very helpful. I clearly do not understand how APIs work. Sorry about that.

I don’t care right now if things have to be manual on my company’s side. So I could collect data and add it to Airtable manually. And take data from Airtable and do manual things to somehow get it to Greenhouse.

However, for our customer’s side, it is very important to me that they be able to request an assessment and send us relevant data directly from their ATS, in this case, Greenhouse. And receive data from us directly into Greenhouse.

For the moment, I’m interested in any makeshift solutions that would “automate” for our customer as described. We don’t have a ton of resources, but if this is something you know how to do, I’d be interested to know what it might cost. I’ll send you a DM.

0 Kudos
Reply
Bill_French
17 - Neptune
17 - Neptune
In response to Tushar_Sheth
See Solution in Thread

‎Dec 02, 2020 12:37 PM

Understood and no worries about the depth of knowledge concerning APIs - it’s a lot to choke down but over time you will be more comfortable as the terminology sets in. Besides - who can really say they understand all of this? I know I can’t.

Given the tight resource constraints, I would take a little journey to investigate if Integromat could draw these two platforms together. It’s a no/low-code “adhesive” approach and it might actually work especially if you can enlist @ScottWorld for a brief paid session to help you out.

Reply
Tushar_Sheth
5 - Automation Enthusiast
5 - Automation Enthusiast
In response to Bill_French
See Solution in Thread

‎Dec 02, 2020 12:41 PM

Great! Thank you for all of this. Will look into some options and post here what I figure out.

0 Kudos
Reply
ScottWorld
18 - Pluto
18 - Pluto
See Solution in Thread

‎Dec 02, 2020 01:47 PM

Thanks, @Bill.French! :slightly_smiling_face:

@Tushar_Sheth Yes, Integromat has webhooks, so if Greenhouse lets you send data to a webhook, then you could accept the data in Integromat and then parse it for usage in Airtable.

I have responded to your private message as well! :slightly_smiling_face:

0 Kudos
Reply
Copyright © 2024 Khoros, LLC