Regarding auth flow of email and scheduler

hamzasymbo · October 10, 2024, 8:57pm

Hey @ram . Is there any other way to do this without exposing API Key in headers of FE request? Can anyone give a code example on how to do it?

All the code examples Nylas has in their docs are just mentioning sending access token but everytime I try to send the access token on my custom identity wrapper class, the request to /calenders endpoint just throws a CORs.

There are alot of tokens here:
id token, access token, refresh token, client id, api key, grant id.

Can anyone just provide an example mentioning which one to use where? I’ve tried all sorts of different combinations and the only one that works is the one with API key sent in header but that is super insecure and can lead to serious problems.

@dhruv have you done anything about keeping api key safe?
We also have this thread with relevant discussion.

dhruv · October 19, 2024, 5:36am

@hamzasymbo make a function inside custom wrapper which will call your backend internal api and from where you can call to the nylas api request format with API_KEY which is currently in customwrapper and get the response to the client side from your backend api and don’t forget to put it in the .env this how it could work

Topic		Replies	Views
Scheduler UI component redirect_uri Question and Answers authentication	1	31	August 8, 2024
Bypassing Repeated Auth in Scheduler Question and Answers	3	34	October 19, 2024
Nylas Scheduler Editor Question and Answers authentication	4	42	September 3, 2024
Regarding Nylas V3 Scheduler Issue in React Question and Answers authentication	2	171	May 21, 2024
Facing CORS error while integrating scheduler Question and Answers scheduler	8	57	October 19, 2024

Regarding auth flow of email and scheduler

Related topics