[Feature Request] Ability to specify an alternative header name for authorization
Closed this issue · 4 comments
There is an authorization config option which enables the user to specify the Authorization
HTTP header value.
However I am wanting to fetch data from an API that uses a different header name for authorization. It would be great if we could configure an alternative header name to use for authorization where I could put my secret - ${{secrets.NAME_OF_THE_CREATED_SECRET}}
.
I am aware of axios_config but I don't believe I can reference secrets in there. Thanks!
I actually think axios_config
might work if you pass in the headers
property correctly. Could you try it out just to see if it works? If the secret is shown as text I think we can fix that. Something perhaps like:
{
"method": "post",
"headers": {
// any custom headers
}
}
There are a few caveats:
url
andbaseURL
will both be ignored, use thehttp_url
key in Flat- All function parameters will be ignored (e.g., transformRequest).
- The response type is always set to responseType: 'stream' in the background.
The relevant link of code is here. Just don't pass anything with the authorization
key and your headers will override the Flat ones.
Hi @irealva, I'm aware of the headers
option in axios_config
. I would use that but I want to avoid putting a visible secret into the json file that it references. It would be great if I could include a reference to a Github secret instead.
It just occurred to me I could create the axios_config
json file in the workflow!
- name: 'Create StatsNZ axios config'
env:
STATSNZ_API_KEY: ${{ secrets.STATSNZ_API_KEY }}
run: |
echo "{ \"headers\": { \"Ocp-Apim-Subscription-Key\": \"$STATSNZ_API_KEY\" } }" > $RUNNER_TEMP/statsnz_axios_config.json
Thanks for your help!
Ah yes sorry that's what I was thinking originally. If the key still shows up in the Action debug workflow let us know! That happened previously with a particular Flat step and we fixed it.