Jwt token authentication

Fernando · December 17, 2023, 11:03pm

hello everybody,

I’m trying to call the authentication token via postman but these errors are returning:
{
“error”: “ERROR_INVALID_CREDENTIALS”,
“detail”: “No active account found with the given credentials.”
}
I’m using baserow SaaS.
I created user database and user table with the fields email(email), username(email), password(string).
Does this type of authentication only work in a self-hosted model?
If not, could anyone help me with this error?

frederikdc · December 18, 2023, 2:04pm

Hi,

It seems like you do everything correct.
However, I notice that there is a difference between the email and username while they should normally be the same. But since the field username is deprecated, I would suggest that you only pass the email and password and check if this works.

Regards
Frederik

davide · December 19, 2023, 4:46pm

Yes @frederikdc is right. Here a link to the documentation explaining which are the correct values to get a valid JWT token:

https://api.baserow.io/api/redoc/#tag/User/operation/token_auth

Fernando · December 19, 2023, 8:49pm

Being able to generate the jwt token when I enter my login and password to access the baserow platform.
From what I understand, to put this extra security in my software I will have to invite the user of my software to have access to the database, would that be it? I thought the invite was just for developers.
My software will be a saas model, will it not be possible to generate the jwt token without it being invited from my database?
How can I structure the bank to generate jwt token for each user?
I’m a beginner.
thanks.

davide · December 20, 2023, 10:04am

I’m not sure I understand your use case. Could you please explain how you envision your users interacting with your SaaS and the data stored on Baserow?

Some approaches to handle users could be:

Your SaaS platform handles user authentication through login, sign-up and other related processes. After successful authentication, all requests are made using a single (or a predefined set of) Baserow user(s). This approach requires your SaaS platform to handle the authentication and authorization of users, while Baserow is responsible for providing data to the platform.
If your SaaS application doesn’t require user authentication because it solely relies on Baserow API endpoints, then your software can function as a proxy between the user and Baserow. In other words, your application can forward all the user requests to Baserow and check the response status code to determine whether the request is authorized or not. This way, even if your software only presents data from Baserow in a different way, it can still function effectively without having to manage user authentication.
If you want to have different users in your Saas corresponding to different users in Baserow, you can use a mixed approach. However, for this, you’ll need a more complicated version of the first option. In this approach, your Saas will handle all user authentication, and you will have to map every user in your Saas to a user in Baserow. You will need to ensure that the request is made correctly. This approach is more complicated than the first two options, and I’m not entirely sure in which cases I would recommend it.

Fernando · December 20, 2023, 7:27pm

Firstly, thank you for your attention.
I would like to make it clear that I am new to software development, my profession is an industrial automation technician.
I’m learning bubble and would like to use baserow as a database.
Visiting the templates, I found the idea of podcast content management to be sensational and would like to transform this into a Saas idea, with some integrations to consume metrics with Spotify, Deezer, among others. Integrate with openAI to create topic ideas and podcast scripts.
My biggest question is what would be the best way to authenticate and authorize the user?

thanks

frederikdc · December 21, 2023, 7:25am

Hi,

I think this article will help you on the correct path: How to authenticate to Baserow using database and JSON web tokens // Baserow.

If you want to allow a platform like Bubble to communicate with a single database like the podcast content manager, you should use a database token. This token is generated once and is added to the header of each request.

I would prefer to do the authentication of your users within bubble. Otherwise, you need to offer all that users access to your entire database which might not be the best scenario from a security perspective.

Regards
Frederik

davide · December 21, 2023, 1:40pm

I agree with @frederikdc and I’d like to share this great tutorial that I think might help you integrate Bubble and Baserow: How to integrate Bubble with Baserow // Baserow.

Fernando · December 21, 2023, 4:23pm

Thank you very much for the clarification and attention. Do you intend to place this token for the user?

Fernando · December 21, 2023, 4:25pm

Yes, this tutorial helped me a lot with integration
Tanks.