How to get account id in webhook payload of integration recipe

monday Apps & Developers
, , ,
1

Hey Community,

I am creating an integration feature for my app, where a column change triggers an event and that event triggers a webhook.

How can I get the account ID in the payload?

I was able to add user id, board id, and item id as output fields and I see them, but i really need to get the account id. Once i have the account id, I will be able to search my database to pull up the account record which contains the bearer access token adn other important data that I need to perform additional API calls.

I saw a similar question on this closed topic

Which states that the board ID is unique across all accounts.

This is incorrect according to the multitenancy guide which states the board id is: “Unique across the account. The same board ID may be used in different accounts.”

https://apps.developer.monday.com/docs/multitenancy

Even if I could use the board ID, how can I then query the account ID from the board ID without knowing which bearer token to use? because my app needs to identify what account triggered the integration in order to tind the bearer token.

How are other developers identifying which account triggered?

Thanks so much for your time

2

hi @kthe4167

In every post monday sends to your apps endpoint you can retrieve the accountId.

async function recipeAction(req, res) {
  const { payload } = req.body;
  const { inputFields } = payload;
  const { boardId, itemId } = inputFields;
  const { authorization } = req.headers;

  const { accountId, userId, aud, exp, iat, shortLivedToken } = jwt.verify(authorization, envVars.signingSecret);

All you need to do is to extract it from the authorization header using your apps signing secret.

3

Hey @basdebruin, Really appreciate your response.

If you dont mind me asking further;

I am trying to avoid using js, is it possible to extract the account id using an HTTP request, and the Grapgh QL API endpoint https://api.monday.com/v2?

4

hi @kthe4167

Not entirely sure I understand what you are trying to achieve. If you are making a request to the GraphQL you have to submit a token. That token has your accountId in it. Therefore I do not see the need to get the accountId queried through a GraphQL query as you are supplying the accountId already (through the used token).

How do you get the token?

5

@basdebruin I guess its not possible then to find the account ID, using only graphQL, since you have to use the bearer token to make a request.

I can retrieve the bearer token when the client completes the Oauth process, and then do a “me” graphQL Query to get the account ID.

I was hoping that when the user then Installs a recipe and triggers it, i will be able to match that event to an account ID in the database, but i guess it’s a bust since the event payload does not contain the account ID.

I am going to set up a traditional environment and use your posted solution above.

Thanks

6

hi @kthe4167
It depends what kind of triggers and actions you use in the integration. A custom trigger will have the authorization in the post to the subscribe endpoint, a custom action will have the authorization in the action endpoint. I guess (not used it) the same authorization is available when you define an install endpoint.

This is independent of JS (that was just an example) and I believe that every platform / language has something to encode and decode JSON Web Tokens (JWT). JWT is an open, industry-standard (RFC 7519) for representing claims securely between two parties.

When you make a call to the API you must supply a token and it is not possible to retrieve the accountId not having a token. It is some time ago I used OAuth as I always use the shortLivedTokens (no need to store these).

If you want more specific help, please let me know the full setup of your app and your backend.

7

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.