APIs & Integrations

Search APIs & Integrations for solutions or ask a question
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
pablo-synthflow

‎Mar 20, 2025 7:37 AM

Member

How to Add an Authorization Header to Custom Workflow Actions?

Hey all — I have a question about custom workflow actions. How can I add a header to them?
I’m sure it’s possible, but I haven’t been able to figure it out. I think I might need to use a PRE_ACTION_EXECUTION function but I’m not sure.
My action is currently working, but I want to secure the endpoint and ask the user to provide a token via UI, using one of the action inputs (open to other methods if you have better suggestions!). The idea is to then add an Authorization: Bearer token header to the action.

This is a simplified version of the payload:

{
"actionUrl": "<BACKEND_URL>",
"published": false,
"inputFields": [
{
"typeDefinition": {
"name": "workspace",
"type": "enumeration", 
"fieldType": "select",
"options": [],
"optionsUrl": "<REDACTED>",
 
   ...
 
],
"objectRequestOptions": {
"properties": [
"firstname",
"email", 
"lastname"
]
},
"labels": {
"en": {
"inputFieldLabels": {
"workspace": "Workspace",
"phone": "Lead Phone Number",
"prompt": "Prompt"
},
"outputFieldLabels": {
"call_analysis": "Call Analysis",
"call_id": "Call ID",
"call_initiated": "Call Initiated"
},
"actionName": "Make Phone Call",
"actionDescription": "",
"actionCardContent": ""
}
},
"objectTypes": [
"0-1"
],
"outputFields": [
{
"typeDefinition": {
"name": "call_analysis",
"type": "string",
"fieldType": "text",
 
   ...
 
],
 
"id": "<REDACTED>",
"revisionId": "1",
"functions": []
}

Thanks!!
Developer tools
0 Upvotes
2 Replies 2
SteveHTM
Key Advisor | Platinum Partner

‎Mar 20, 2025 2:12 PM

Key Advisor | Platinum Partner

How to Add an Authorization Header to Custom Workflow Actions?

@pablo-synthflow - I thinkk what you are asking is how to add a header to API calls executed in the custom workflow logic? Apologies if I have this incorrect.

 

The classical approach of hiding an access token for any kind of API call (HubSpot or 3rd party) is to use a SECRET passed as an environment variable to the code at startup. Taking this approach, you can manage/update that SECRET value periodically without making individual changes to all the code sequences that use it. The SECRET is stored independently of any record properties of course.

 

When you format  the header for a request (in Python that is) you construct the appropriate header using the retrieved value of the SECRET.

 

Is that helpful?

 

Steve

Steve Christian

HTM Solutions

https://info.htmsolutions.biz/meetings/stevec2

mobilePhone
+1 6195183009
emailAddress
stevec@htmsolutions.biz
website
www.htmsolutions.biz
address
San Diego, CA
Create Your Own Free Signature
0 Upvotes
pablo-synthflow

‎Mar 21, 2025 2:16 PM

Member

How to Add an Authorization Header to Custom Workflow Actions?

Hey Steve! Thanks for responding 🙂 I think I'm asking something a bit different. I'm following these docs to let my Hubspot app users execute a particular action.

 

The action works, but I want them to be able to input an API key (that they get from my website) in order to use it.

I am using the PRE_ACTION_EXECUTION parameter for that, but it doesn't seem to work for me.

 

This is my current payload (simplified and sanitized)

{
"actionUrl": "https://example.com/hubspot-action",
"published": true,
"inputFields": [
{ "name": "workspace", "optionsUrl": "https://example.com/api/hubspot-get-workspaces/" },
{ "name": "model_id", "optionsUrl": "https://example.com/api/hubspot-get-agents/" },
{ "name": "phone" },
{ "name": "api_key" },
{ "name": "lead_timezone", "optionsUrl": "https://example.com/api/hubspot-get-timezones" },
{ "name": "prompt" },
{ "name": "greeting" }
],
"labels": {
"en": {
"actionName": "Make Phone Call"
}
},
"functions": [
{
"functionType": "PRE_ACTION_EXECUTION",
"functionSource": "exports.main = (event, callback) => {\n const apiKey = event.inputFields.api_key;\n const contactProps = event.object.properties;\n const fullName = `${contactProps.firstname || ''} ${contactProps.lastname || ''}`.trim();\n const requestBody = {\n phone: event.inputFields.phone,\n name: fullName,\n model_id: event.inputFields.model_id,\n workspace: event.inputFields.workspace,\n prompt: event.inputFields.prompt,\n greeting: event.inputFields.greeting,\n lead_timezone: event.inputFields.lead_timezone,\n contact: contactProps\n };\n callback({\n webhookUrl: event.webhookUrl,\n body: JSON.stringify(requestBody),\n contentType: \"application/json\",\n httpHeaders: {\n Authorization: `Bearer ${apiKey}`\n }\n });\n};"
}
]
}

 

When I create the action using that payload, I get a 200 OK, but if I fetch the Hubspot action, the last part of the payload is like this:

"functions": [
{
"functionType": "PRE_ACTION_EXECUTION"
}
]

There is no functionSource, which makes me think that the action is not really being formatted according to the function.

 

Do you know what might be happening here?

 

Thanks a lot!! 

0 Upvotes
Sunny

Sign up for the Developer Newsletter

Fresh content delivered to your inbox every month.
How to Add an Authorization Header to Custom Workflow Actions?
Developers
Mar 21, 2025