Hi, I attempted to retrieve data on an HTTPS Endpoint using just my function secret as a parameter on the URI and received an authentication error. I had to create an “application key” and add it to an “api-key” header in postman to successfully return results from the api call. I’m looking at some React code that uses the old webhook api, and it appears only a “secret” parameter was required. Has this truly changed, or am I overlooking something here? If it has, how to I make an axios call to the endpoint and pass in the header properly?
Hey Adam, welcome to the forums!
If I had to bet, your issue here is that the function underlying the HTTPS endpoint is configured to use Application Authentication, which means that you need include an app user’s credentials (e.g. email & password or the API key you used) in the HTTP request headers. This is different than the old webhooks - those always used System Authentication, which means no user authentication and no rules/schema enforcement.
If you want the same system function behavior as in webhooks, you can update the endpoint’s function configuration to use System Authentication instead of Application Authentication.
NOTE: You configure this is in the function configuration, not the endpoint configuration
This totally resolved my issue. Switching to system vs. application authentication did the trick. What are the best references for this? Thanks so much for the correspondence!