netlify / gotrue

An SWT based API for managing users and issuing SWT tokens.
https://www.gotrueapi.org
MIT License

Stripe subscription charge fail webhook: access to user db to update user data [CRITICAL] #183

Closed pukhalski closed 3 years ago

pukhalski commented 6 years ago

- Do you want to request a feature or report a bug? Feature.

- What is the current behavior? If a Stripe subscription charge fails, the user receives an email (set up in the Stripe Dashboard) about it, but there's also a possibility to push an event from Stripe to a webhook. This webhook should update user data accordingly, but there's no ability to access the user db (no token or identity).

- What is the expected behavior? Provide access to manipulate users from webhooks with static app token/secret or any other mechanism.

biilmann commented 6 years ago

If I understand right, you should be able to just use a Netlify function as the webhook endpoint. Then you'll have access to the identity user.

More on how to interact with identity from functions here:

https://www.netlify.com/blog/2018/03/29/jamstack-architecture-on-netlify-how-identity-and-functions-work-together/

Auspicus commented 6 years ago

@pukhalski

Using the context parameter you should be able to access a short lived "app token":

```js
exports.handler = (event, context) => {
  // Netlify injects the Identity context into every function invocation:
  // a short-lived admin token plus the GoTrue API URL for this site
  const { identity } = context.clientContext;
  const API_TOKEN = identity.token;
  const API_ENDPOINT = identity.url;
  // ... use token
}
```

pukhalski commented 6 years ago

@biilmann I am setting up a webhook from Stripe to a function, so Stripe is going to trigger it without any token, of course.

@Auspicus, thanks, I will take a look!

elucidsoft commented 5 years ago

This does not work. Using the method @Auspicus referred to, if you call the identity /user endpoint and pass in the short-lived JWT token, the response back is "Could not read user Claim ID".

pukhalski commented 5 years ago

Any updates on this one?

corford commented 5 years ago

One nice way to do this might be to expose an app token concept via GoTrue API endpoints? An app token could have either read, write or read/write access to the app meta data of all users. Like a refresh token, it never expires and can only be revoked. The db table to contain these tokens would have a similar schema to the refresh_tokens table (with addition of a grant column to specify capabilities of each issued token).

GoTrue could then expose some admin API endpoints to allow listing, creation, revocation and capability setting (r,w,r/w) of app tokens (or alternatively this could be done via the cli?).

Finally, there would then need to be an API endpoint for use with these app tokens that allows updating app meta data attributes for a given user.

The above would allow you to, e.g., create a scoped app token for use with Stripe's webhook that could update or set a new app_metadata attribute for the affected user.

Auspicus commented 5 years ago

You need to use the admin API, i.e. /admin not /user, with that identity token. You can see docs on that here: https://github.com/netlify/gotrue-js#admin-methods

Auspicus commented 5 years ago

I agree though that having a way to access the Identity API in contexts outside of their platform would be great because it's virtually impossible to E2E test without running via Netlify Functions.

github-actions[bot] commented 3 years ago

This issue has been automatically marked as stale because it has not had activity in 1 year. It will be closed in 7 days if no further activity occurs. Thanks!

github-actions[bot] commented 3 years ago

This issue was closed because it had no activity for over 1 year.