Apex Code Development You need to sign in to do that
Don't have an account?
Franjo Garić Unable to include Authorization header from External Services schema JSON (via Flow)
Hi all,
we have had the following configuration which has worked prior to Summer '21:
#1: External Services schema JSON:
{
"swagger": "2.0",
"info": {
"title": "title",
"description": "API for host",
"version": "0.0.1"
},
"securityDefinitions": {
"JWT": {
"type": "apiKey",
"in": "header",
"name": "Authorization"
}
},
"security": [
{
"JWT": []
}
],
"tags": [
{
"name": "V1",
"description": "Operations about V1"
}
],
"host": "hostName",
"schemes": [
"https"
],
"paths": {
"/graphql": {
"post": {
"tags": [
"V1"
],
"description": "Graphql post",
"operationId": "graphqlPost",
"consumes": [
"application/json"
],
"produces": [
"application/json"
],
"parameters": [
{
"name": "Authorization",
"in": "header",
"description": "Authorization",
"required": true,
"type": "string"
},
{
"name": "BodyModel",
"in": "body",
"description": "BodyModel",
"required": true,
"schema": {
"type": "string"
}
}
],
"responses": {
"200": {
"description": "OK",
"schema": {
"type": "string"
}
}
},
"security": []
}
}
},
"definitions": {}
}
#2: Basic Named Credentials which have "Authentication Protocol" as "No Authentication"
#3 Flow which utilizes the #1 and #2 so it can make some API requests with Authorization: Bearer <api key> in the header and some JSON body.
After Summer '21, without anything being changed on the above 3 points, API requests started failing.
We have debugged and figured out that Flow will not send the Authorization header anymore (although it shows in the flow debug log that it is there). Headers named other than "Authorization" will pass.
I can not find anything in the release notes pointing me to the exact change and required adaptations in order for this to work again.
Does anyone know what change should External Service JSON maybe have in order for Auth header to be compatible with Summer '21 changes?
Thanks
Hope you have already verified the behavior between previous release org and Summer 21 release org in meantime.
If you have observed this issue in preview sandbox as well before the major release, then please raise a case with Salesforce support and pass the same details on the same to get it investigated with help of product teams.
Hope above information helps. Please mark as Best Answer so that it can help others in future.
Thanks.
thank you for your input on this.
The first thing we did was actually raising a case with Salesforce.
They asked us to post a question here, on the developer's forum without any other specific info.
Thanks for the acknowledgment.
Hope you are following the same code as described in below documentation:
https://help.salesforce.com/articleView?id=sf.external_services_test_actions_in_flow.htm&type=5
If you have noted down or compared the discrepencies with same code in 2 orgs, one of them as Summer 21 org, please mention them in the case as well as the error being received and advice engineer to take help from Developer group or raise new case with Developer expertise by selecting flow or API or Integration related topics.
Also be sure to add all the investigation done around this issue(i.e. Debug Logs, error codes) with narrowed down scenario to replicate the issue easily with small piece of code.
If this found to be platform issue or not working as intended then team would be able to take this up with product teams to resolve from platform end and if this found out to be your implementaton issue, the team may not be able to help further with Standard plan and you might need to take help of internal developers to resolve it.
Thanks.
SF support just yesterday said that they would forward the case to their internal Developers.
We have the same problem with the Authorization header.
Do you have any news about how we can avoid the problem?
Thanks.
I will give you the feedback we get after the meeting.
Have you found a solution to the problem after the call?
Thanks.
Hi,
no, I did not.
They said that they will investigate the issue and probably move this up to the Senior Engineer team.
I have provided them the access to the org and set-up a demo flow that sends the API request, and a demo service that receives the request in which we can see that Authorization headers are nowhere to be seen.
If you manage to figure out a way to include the Auth header, feel free to post it here also.
Thanks
It shows how to create input parameters for auth headers in the api schema, which can then be used in flow builder. The post was written before this thread started, though. Has anybody tried this?