How Can I Use the secrets Object?
This article is not applicable for AWS Lambda connections created after October 4, 2022. We wrote this article before we changed the secrets object's functionality in our connection setup form.
Use Case
You have read the documentation on our cloud function connectors but don’t understand how best to utilize the secrets object. You are looking for an example of how to use this object in your function's response.
Recommendations
Fivetran recommends the following:
Ensure that you do not hard-code the authentication details into the function code.
Ensure that your function can use the contents of the
secretsobject to authenticate with the source API.
For more information, see the following code example:
let post = https.request({
method: 'POST',
hostname: 'url.com'
headers: {
'Content-Type': 'application/x-www-form-urlencoded;charset=UTF-8',
'Content-Length': 'grant_type=client_credentials'.length,
'Authorization': 'Basic ' + Buffer.from(`${req.body.secrets.value}`, 'utf8').toString('base64')
}
Context
The secrets object is what Fivetran provides on the initial invocation of your function to ensure that authentication details for the source API are not hard-coded into the function's code.
For example:
- On the invocation of a function, the
secretsobject is passed as a string populated with the credentials that you enter into the connection setup form as part of a larger object:{"secrets":{"apiAuthenticationParameter": "parameterValue"},"state": {},"agent": "fivetran/fivetran/function"}. - Parse out the value of the
secretsobject and use the parameter(s) to authenticate your request to the source API.
Considerations
In the connection setup form, secrets is an optional field. Enter the secrets using a JSON format in the connection setup form. For example,
{
"agent" : "<function_connector_name>/<external_id>/<schema>",
"state": {
"cursor": "2018-01-01T00:00:00Z"
},
"secrets": {
"apiToken": "abcdefghijklmnopqrstuvwxyz_0123456789"
}
}