Request Credentials of provider in Forge

I am quite confused with method requestCredentials in provider external auth. I am understanding when call provider.requestCredentials() will start to auth process base on manifest define (authorization → exchange ). This code work perfectly:

  if(!(await provider.hasCredentials())){
    await provider.requestCredentials();

It will redirect me to Auth page of external provider I have been using like facebook login page. After authenticate It redirect me to Forge by redirect_uri have been defined. But when I change my code to:

        await provider.requestCredentials();
        if(!(await provider.hasCredentials())){
          const response = await provider.fetch("/me/accounts?fields=id,name,access_token");

I got exception in console:

INFO    03:53:06.821  fc9788bf64ec77cb  {
  message: 'Authentication required',
  serviceKey: xxx,
  status: 401

Thanks for helping me!

Hello @HaiNguyen1,

Thanks for reaching out. await provider.requestCredentials(); will always trigger the consent flow. This should live in the conditional in your second statement.

Unfortunately that error is not very helpful, as it is part of triggering the consent flow.

1 Like

Yah, If I put await provider.requestCredentials() in my conditional. Next time it will auto pass login step because already have credentials. Can you help me more understand about credentials in provider. I am trying to log credentials and see this: [<token>], and can I clear this credentials? Thanks for your reply!

I’m not sure what your problem you are trying to solve here is?

It sounds like you want to do auth, and await provider.requestCredentials() I would expect to do nothing if you are already have a valid token.

If you are wanting to revoke an existing token to test the flow again, you should see it on your Connect Apps page

You should go to facebook and revoke the token you just posted as anyone can use it now to act as you.

1 Like

Perfectly, Thanks for your supporting.

@HaiNguyen1 FYI I’ve redacted your previous comment as well so the token is not publicly visible anymore.


Thanks :smile: