I'm using severalexternal APIsin workflow custom code actions which require their API tokens to be regularly refreshed.
I could create a separate workflow to refresh these tokens on a regular basis, but I have no way of storing them anywhere in Hubspot. I also do not want to refresh the tokens every time my workflows run.
Ideally there would be a Hubspot API endpoint which would enable me to update our custom code secrets, but that doesn't currently exist.
Example use case: Zoominfo's API requires the refreshing of the JWT every 60 minutes but specifically prohibits the use of the authentication endpoint more than once a second. Enhanced secret management, whether it's the handling of additional authentication method, or a secret endpoint, would be very much welcome.
I am also running into this limitation with a Glia api implementation within CCAs. Adding an endpoint or workflow action to update secrets would make Ops Hub even more extensible. As an agency, we try to sell Ops Hub Ent to every client we work with. This functionality would help convince prospects of the native integration capabilities of HubSpot.
Late, but I've been able to handle this in the past using global variables. It's at the very end of the documentation:
Variable re-use: to save memory, any variables declared outside theexports.mainfunction may be re-used for future executions of the custom code action. This is useful when connecting to external services like a database, but any logic or information that needs to be unique to each execution of the custom code action should be inside theexports.mainfunction.
If you're using Python for your custom code, take note of the following caveats:
Variable re-use:similar to the above, any variables declared outside thedef mainfunction may be re-used for future executions of the custom code action.
If you've declared a variable outside thedef mainfunction butdo notplan on altering it, you can reference the variable directly.
If you plan on altering a variable, you can declare the variable within thedef mainfunction with a global keyword before referencing it.
So you would just need some logic to evaluate if your current token has expired. Save the current token as a global variable along with whatever timestamp/number you'll use for comparison (some APIs will give you the expiration time, time to expiration, etc.). Then you'll have a function to generate a new auth token that you only call if the global auth token variable is null or time is up on the global expiry variable instead of just using your refresh token (saved as a secret/env var) on every execution, which could hit rate limits.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.