Re: OAuth2 without user login

Terence_Leung · ‎Feb 21, 2023

I had a AWS Lambda function that is to update an Airtable. And I am going to modify the function to adopt OAuth2 authentication. However, after testing in Postman, it requires user login in a browser and select workspaces and bases. But it is absolutly impossible for Lambda function and we don't want to store user account in the Lambda function.

May I know if we can skip user login during the OAuth2 authentications? Also, can I predefine the allow list of workspaces and bases?

Terence_Leung · ‎Feb 23, 2023

HI, I am on an enterprise plan and sent an email to them. They replied that if an application is for internal use, we can use Personal Access Token (PAT) instead of OAuth2.

By using PAT, I don't need to modify any code as I just change the API Key to the PAT. It is all good now.

See Solution in Thread

goksan · ‎Feb 23, 2023

Hey @Terence_Leung 👋

I don't think we're able to impact the allow lists on the authorization screen.

I don't think there's any way around completing the OAuth process yourself, and then persisting the tokens for refreshing your access in order to avoid needing to reauth. I think your only option is to go down the path of storing the tokens which I know you are trying to avoid.

I'm guessing you're not on an enterprise plan (neither am I) but there are service accounts in the enterprise plan which sound like they meet your requirements.

Terence_Leung · ‎Feb 23, 2023

HI, I am on an enterprise plan and sent an email to them. They replied that if an application is for internal use, we can use Personal Access Token (PAT) instead of OAuth2.

By using PAT, I don't need to modify any code as I just change the API Key to the PAT. It is all good now.

Robert_Jurado · ‎Feb 24, 2023

So how would that work? Just add the PAT in the request call?

RJ

Terence_Leung · ‎Feb 26, 2023

Yes, here is an example:

https://api.airtable.com/v0/xxxxxx/xxxxx

header Authorization: Bearer PAT