Call API authentication with OAuth

I got this working and wanted to document here for anyone who might stumble across this later. I was able to generate and correctly sign an OAuth 1.0 header using a combination of templates, encode text, and JavaScript.

Major caveat, this is not secure. I understand that Glide executes Javascript locally and my code contains the private consumer and token secrets. I am comfortable with this for my use case as this is internal only and I have taken mitigating steps within the endpoint application.

After gathering keys, URLs, etc., into a helper table I created all the components of the OAuth 1.0 header and base string using template columns.

  • Format Date column to get a Unix timestamp
  • Javascript code to create the random nonce value.
  • Encode text to encode all the strings, values and URLs to percent-encoding

The signing was the missing piece - found this code snippet in this thread after trying a bunch of other things that didn’t work for various reasons.

There was a LOT of trial and error to finally get this to work, but it’s up and running now! Thanks @Rev for taking the time and pointing me in a direction which ultimately led to this solution.

I would love to see support for OAuth 1.0 and 2.0 in the Call API action - I think there would be a ton of value there.