Tucker
Tucker10mo ago

Auth Question:

Auth Question: How might I add some kind of auth requirement to the REST API endpoint? Currently: 1. I put my OpenAI api key in a secret 2. I have a workflow that connects to OpenAI 3. I ship the workflow Once the workflow is live the only security I appear to have is simply not sharing my workflow endpoint (Anyone with the endpoint can just use it) How might I add some kind of auth requirement to the REST API endpoint?
3 Replies
Gaurav Chadha
Gaurav Chadha10mo ago
Hi @Tucker, You can add Authentication checks to ensure the safety of your BuildShip workflow and API you can introduce a Firebase Authenticated user check node right at the beginning of your workflow to ensure data safety in transit and allow only a specific authenticated user is able to trigger that API from your app and access data. This way you can secure the trigger API call which will provide data safety in transit. We'll be adding support for more Auth checks and OAuth too, which will make this even better.
Tucker
Tucker10mo ago
Would this be a specific api only user? Or an authenticated user of the app? Also, is there an article on this anywhere?
Gaurav Chadha
Gaurav Chadha10mo ago
For the Authentication check it will be specific to only user. We'll add docs and usecase for this soon.