Authorization Headers are not supported

Question

Authorization Headers are not supported

Opened this issue a year ago · 4 comments

I am trying to use api to make request to Alpaca. The Readme.io demo page shows me that I can add Authorization Headers for the API Key & API Secret. When I follow the example, my code crashes with the following message:

Error: Sorry, this operation currently requires multiple forms of authentication which this library doesn't yet support.

Here is the example:

import api from 'api';
const sdk = api('@testalpacadocs/v1#zryj16ll4d1dl0');

sdk.auth(process.env.API_KEY);
sdk.auth(process.env.API_SECRET);

await sdk.postOrder({side: 'buy', type: 'market', time_in_force: 'day'});

Screenshot

Answer 1 · 2023-08-21T16:56:19.000Z

So yeah api does support authorization headers, but it doesn't support API endpoints that have multiple forms of auth because sdk.auth() has no way of knowing which security scheme, and authorization header, to apply that value to.

We've had some ideas on how to improve this, like adding a second argument to sdk.auth('API-KEY', 'x-api-key') to let you specify the header to attach it to but that conflicts with sdk.auth's handling of basic auth.

Will leave this open for discussion.

Answer 2 · 2023-08-21T17:07:19.000Z

Getting this integrated would be a big enabler. Is there any workaround for me as a developer to set headers on the SDK? Can I access some internal variables or apply an interceptor to add the necessary header information?

Answer 3 · 2023-08-21T17:14:34.000Z

There's unfortunately no workarounds at the moment.

Answer 4 · 2024-01-26T10:30:35.000Z

I use API that requires 2 secrets, so it's really a blocker in using this lib. At least workaround would be great 🙏