Zapier Integration

I am in the process of creating some triggers for Zapier based off our existing API which is secured using JWT tokens and Auth0 authentication.

I have created my authentication and set it to OAuth2 flow, and entered my client id, secret, scopes, audience, along with setting the correct endpoints for authorization and access token request urls.

I then enter the url of my API and attempt to try it. I then login using my credentials and the auth flow looks like it succeeds but the end result in a HTTP401 access denied from my API. I put some additional logging into the PAI to log out the Bearer token that is being submitted to it. The Bearer token ends up looking like this Bearer cPb_iBCYAIti3lZwR7Rl1RusafVV-ReA which is clearly not a Bearer token as its not three parts delimited by a period.

In the call to our test api it has the Authorization header being set to the default of Bearer {{bundle.authData.access_token}} which looks like it should work as the call to the access token endpoint returns a json structure with an access_token in it. Looking at the data above it maybe looks like its trying to use one of the authorisation codes from one of the other API calls.

Anyone shed any light on creating Triggers on Zapier tied to APIs secured via Auth0?

Hi @simon13,

Welcome to the Auth0 Community!

It looks like the token you are receiving is an Opaque Access Token. This token is not intended to be consumed by a custom API (non-auth0 owned).

In order to retrieve a JWT, you need to specify a valid audience. Here is a good resource on how to do that:

I am doing the same thing: trying to set up Auth0 as the OAuth provider to allow zaps on my app. Is there some kind of HOWTO for this? I hate to resort to api keys.

Hi @outlaw,

Can you give some more context on exactly how you want this flow to work? I don’t have much experience with zapier, but I should be able to figure out how to hook up the oauth/Auth0 bit.

Who is requesting the token, who is receiving it, etc.

Hi Dan,

You might need some exposure to Zapier (I don’t have any either), but here is the idea:

Zapier is an integration service where applications agree to work together, so that customers can create custom flows. For example, Gmail integrates with Zapier, as does Facebook. They both authenticate using OAuth in the backend, so when the customer says they want to use Gmail or Facebook, they are asked to log in using OAuth before creating custom flows.

Honestly, the easiest way for you to understand what Zapier is requesting is to create a login on Zapier and tell it you want to connect an application, follow the prompts. You will get to a page where it asks for authentication method (choose OAuth), then it asks a bunch of questions about how to authenticate. Those are the fields I am struggling with.

Can you post a screenshot of the fields it is asking for?

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.