JWT Bearer token

Hi Guys
I’m trying to fugure this out. I want to access a third party device command API that uses a bearer token.
Using subscription webhook truncates the token (its very long) thats returned into x number of strings becasue of the byte limit on these things. I am assumming the pub webhook does the same and as such prevents me from using it to send the token allong with the command.
What advice would anyone give here? do the whole JWT authentication on the Argon itself and scrap using webhooks? Does anyone know of a library thats good for bearer token collection?
Cheers all.

When subscribing to a webhook response, the maximum chunk is 512 bytes, and larger responses are split into multiple parts.

When publishing an event that is handled by a webhook, the maximum size is 622 bytes. It cannot be split into multiple parts, that is the maximum that can be sent.

If the auth token is static and constant, the easiest thing to do it put it in the webhook itself. The additional headers and template are not subject to the 622 byte limit.

If the auth token is large and changes, then it will likely impossible to use a webhook; the best solution is often to use a lightweight intermediary like Google cloud functions or AWS lambda functions.

1 Like

Thanks @rickkas7. The token is over 1024 characters and only lasts an hour so im going to look at hte intermediarys. Thanks for the pointers.

Hey Hugh,

I know that some people around the community have experience with lambdas or google cloud functions so if you get stuck with that approach just post again here. I bet you are going to get help there too (again, if you get stuck).

Best,
Gustavo.

Will do, im just looking to see if i can cook up a sample using Node Red to do the token collection etc then use that with Particle Pub/Sub for a simples life :smiley:

Only a little experience with Node Red though… Will post back if i get somewhere.

Node-RED is also another good option for combining API calls to external servers. One of the big benefits is that you can trigger a Node-RED flow from a Particle event, then have the flow query an API to get a token (possibly using a cache), then make another API call.

There’s some more information in the Particle Node docs though not an example of specifically doing that.