ajur58

ajur58

Storing Bearer Token for external APIs

Hello everyone,

I’m implementing an app that consumes an external API. The API returns a Bearer Token valid for 2 hrs after logging in, to be used for every subsequent request. I’m new to Elixir and was wondering where to store this token for the future.

My current approach:

  1. Standalone application (Agent) to handle communication with this external API
  2. When the app is started, it tries to authenticate and get the AuthToken (checking expiry date etc)
  3. The token is saved in the agent’s state, it will be read from here in future calls.

Alternatives that I can think of :
a. Put the AuthToken into env variables with Application.put_env/3 → slight security concerns as if the app crashes, env variables could get dumped to the console. Also, other apps will never need this, so it feels strange.
b. Write it to DB? Could be an overkill, but at least there’ll be one entry per new token, good for tracing.
c. Write to disk.

Might be a dumb question, but would be grateful if someone helps a noob out :slight_smile:
Thanks!

Most Liked

stefanchrobot

stefanchrobot

Keeping the token in memory means that it will most likely not survive application restarts (unless you have distribution configured). If that’s an issue, I’d store it in the DB as an encrypted field. If that’s not a concern, keeping it in an Agent seems fine to me.

Note that keeping the token in memory can make it leak - if a process crashes, the current process state can get dumped to a log file. For improved security consider wrapping the token in a struct with overriden Inspect implementation or using a redacted field in Ecto.

ajur58

ajur58

Thanks for your answer! Interesting stuff about leaky process state, will definitely keep it in mind.

Where Next?

Popular in Questions Top

beno
I will often find my self writing things similar to: case some_value do nil -> something() "" -> something() _ -> somethi...
New
chrisalley
ExUnit now has describe blocks which is a welcome addition coming from RSpec. In the docs, it states that nested hierarchies of describe ...
New
electic
Hi, I am new to Elixir. I am trying to use the DateTime component to insert a date into MySQL however the there seems to be no way to fo...
New
ovidiubadita
Hey all, I discovered Elixir and I love it. I always wanted to learn a functional programming and I intended to go for Haskell, but afte...
New
Fl4m3Ph03n1x
About me? ( if you have nothing better to do than reading about some random guy in the internet :stuck_out_tongue: ) Hello all, this is ...
New
freewebwithme
Using vs code and installed ElixirLS: support and debugger. And I got an error popped up on start up says Failed to run ‘elixir’ comma...
New
sergio_101
I am VERY much an elixir newbie. I have taken one elixir course and one phoenix course on Udemy. During that course, I saw the instructor...
New
jason.o
In the code below, if the create action is not set to accept “extra_key” as an input, it errors out with a message shown above. Is there ...
New
PeterCarter
There are pre-rolled solutions for other frameworks that do work. However, Phoenix does not seem to have these. Have people had good expe...
New
vegabook
I’m brand new to Phoenix and I have stripped one of the demo applications to the bone. I just want to get an svg up on the screen. Here i...
New

Other popular topics Top

axelson
This post is a wiki (feel free to hit the edit button near the bottom right of this post to add your own changes!) This post collects co...
239 48342 226
New
hariharasudhan94
lets say i have a sample like a = 20; b = 10; if (a > b) do {:ok, "a"} end if (a < b) do {:ok, b} end if (a == b) do {:ok, "equa...
New
senggen
Erlang/OTP 25 [erts-13.2.2] [source] [64-bit] [smp:8:8] [ds:8:8:10] [async-threads:1] 15:22:35.803 [error] gen_event {lager_file_backend...
New
TunkShif
This post is an instruction guide to help you setup your Neovim for Elixir development from scratch. It includes general information on h...
274 41989 114
New
chrismccord
This release brings a number of exciting features, including integration with the new Phoenix LiveDashboard and Phoenix LiveView. There h...
New
aesmail
Hello guys, I have finally made it. I created an admin interface for a framework. It’s been on my todo list for years and with the curre...
New
Emily
I have VueJS GUIs with the project generated using Webpack. I have Elixir modules that will need to be used by the VueJS GUIs. I forese...
New
saif
Hello everyone, Long time lurker first time poster here. I’ve recently begun working on Elixir full-time again! :raised_hands: It’s been...
New
dogweather
I wrote this comment on r/haskell, and it’s not popular there. :wink: But I think I’m on to something… Haskell reminds me of Java, and e...
New
jononomo
For some reason my phoenix channels are working for me in my local dev environment, but as soon as I deploy via Docker, I get a 403 error...
New

Latest on Elixir Forum

Elixir Forum

We're in Beta

About us Mission Statement