Authentications

REST API

The REST API authentication lets you store your API credentials in a safe place. If you simply entered your API key in the REST API node, it would be part of the node's configuration and would be shown to you and other admins in your FactBranch account.

Why use the REST API authentication?

Once you've entered your API credentials in the authentication, they are stored on FactBranch's servers, encrypted at rest, and will never be shown again anywhere in your FactBranch account.

You can, however, use the authentication in your nodes. This allows you to save the credentials once and then re-use them in several nodes. You can even let another team member create nodes and use the authentication without them seeing the credentials.

To create a REST API authentication, click on Manage authentications in your Flows dashboard, and then click on Create authentication.

HTTP authentication methods

You can select one of the three most common HTTP auth methods:

  • Basic: You supply a username and password.
  • Bearer: You supply a so-called bearer token.
  • Arbitrary header: You set a specific header that is sent alongside each request.
  • Payload Signature: Enter a secret that is used to generate a hash of the payload. This hash is then sent as a header with each request. See more below in the Payload Signature section.

Payload Signature

The payload signature method is a way to authenticate requests to a REST API without sending the actual credentials with each request. Instead, we send a hash of the payload, which is generated using a secret that you enter in the authentication.

Our implementation follows GitHub's Webhook Secret method.

FactBranch takes the payload of the request, converts it to a string, and generates an HMAC-SHA256 hash from it using the secret you supplied. This hash is prefixed with sha256= and sent as the header X-FactBranch-Signature-256 with each request.

To verify your own implementation, here are example values:

  • Secret: It's a Secret to Everybody
  • Payload: Hello, World!
  • Then the header X-FactBranch-Signature-256 will have the value sha256=757107ea0eb2509fc211221cce984b8a37570b6d7586c22c46f4379c8b043e17

In GitHub's docs you'll find code examples for Ruby, Python, and JavaScript that you can use in your own application to verify the signature.
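The receiving side of this scheme, as an added example (not FactBranch's or GitHub's code): it recomputes the HMAC over the exact bytes received and compares it to the header in constant time, rejecting missing or malformed headers. The function names are hypothetical, and UTF-8 encoding of the secret and payload is an assumption.

```python
import hashlib
import hmac

HEADER_NAME = "X-FactBranch-Signature-256"  # header name given on this page
PREFIX = "sha256="


def expected_signature(secret: str, raw_body: bytes) -> str:
    """Return the header value a sender holding `secret` produces for raw_body."""
    # Assumption: the secret is encoded as UTF-8 before keying the HMAC.
    digest = hmac.new(secret.encode("utf-8"), raw_body, hashlib.sha256).hexdigest()
    return PREFIX + digest


def verify_request(secret: str, raw_body: bytes, headers: dict) -> bool:
    """Check the signature header against the exact bytes that were received.

    Verify before parsing: re-serialising parsed JSON can change whitespace
    or key order, which changes the HMAC and makes valid requests fail.
    """
    # HTTP header names are case-insensitive, so normalise before lookup.
    lowered = {name.lower(): value for name, value in headers.items()}
    received = lowered.get(HEADER_NAME.lower())
    if not received or not received.startswith(PREFIX):
        return False  # missing header or unexpected scheme: reject
    # compare_digest takes the same time wherever the first mismatch is, so
    # response timing does not leak how much of a guessed signature matched.
    return hmac.compare_digest(
        expected_signature(secret, raw_body).encode("utf-8"),
        received.encode("utf-8"),
    )


if __name__ == "__main__":
    # Example values from this page.
    secret = "It's a Secret to Everybody"
    body = b"Hello, World!"
    headers = {HEADER_NAME: expected_signature(secret, body)}
    print(headers[HEADER_NAME])
    print("valid request accepted:", verify_request(secret, body, headers))
    print("tampered body accepted:", verify_request(secret, b"Hello, World?", headers))
```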

Renaming the authentication

To rename the authentication, either click on Rename next to the title, or double-click on the title itself. Then enter the new name and click on Save or hit Enter on your keyboard. To revert to the old name, hit the Escape key.

Using the authentication in a REST API node

First, create a REST API node in one of your Flows. Edit the node by clicking Edit next to the node in the Flow Editor. Select the Authentication tab on the left side of the screen. Then click on Select an authentication..., or on change... if that node already has an authentication associated. Select the authentication you'd like to use. From now on, this node will use the credentials you've stored in the authentication for all its requests.