client.request() using secure parameter in manifest.json
Posted Mar 25, 2022
Hello Experts,
I am developing a Zendesk sidebar app to interact with my Paypal account. Following are the steps I am following
1) Created a Zendesk sidebar app
2) Call the Paypal API to fetch the access token using client_id and client_secret
3) Use Paypal rest APIs to do further business logic implementation
The requirement here is that I want my client_secret to be secure and not accessible to anyone. So what I did is created a "client_id:client_secret" string. Encoded it using btoa manually and stored the resulting string as a secure parameter in the manifest.json
Now when I try to access the secure parameter, I am getting an error. Following is my code snippet
const oAuthResponse = await client.request({
url: "https://api-m.paypal.com/v1/oauth2/token",
headers: { "Authorization": "Basic {{setting.client_secret}}" },
secure: true,
type: 'POST',
contentType: 'application/json',
data: JSON.stringify({ 'grant_type': 'client_credentials'})
}
).then(function(data) {
console.log(data);
return data;
});
It gives me the following error.
responseText: "Proxy error: Invalid request"
status: 400
Is there something I am doing incorrectly ?
0
0 comments
Sign in to leave a comment.