1

I am using heroku environment variables to store oauth2 tokens for authentication with a webhook i've created. As these tokens update, i need to update the environment variables from within the script after i retrieve them.

I've tried the code below, but when i run 'heroku config' from CLI, the old tokens show up.

process.env.GOOGLE_ACCESS_TOKEN = JSON.parse(body).access_token;

Improve this question
4
  • Why would you store OAuth tokens in environment variables? Commented Aug 21, 2019 at 1:45
  • Hi Chris, i need to store the refresh token for when my access_token expires. Since the script is accessed via webrequest with some POST body i can't force the user through re-authentication. The service doesn't offer an API key. Do you have another suggestion? Commented Aug 22, 2019 at 10:48
  • ...right, but why in environment variables? Are you talking about per-user tokens? Shouldn't those be stored client-side? Commented Aug 22, 2019 at 12:01
  • Hey Chris thank you for taking the time. Indeed it's the user side, but i am the user in this case, making a call to the webhook. It's about the google people api, i need to create a new contact via rest request and only way of auth is oauth2. There is a section on API key, but they don't supply one via the console as offered. developers.google.com/people/v1/how-tos/authorizing Regarding storage, i could store them on 'user' side, but i don't really have a place for that, using a SAAS app (globiflow) to make the request. Commented Aug 23, 2019 at 14:09

1 Answer 1

Reset to default
2

Ok, so i figured it out. Just posting here for reference. You can update heroku environment variables using the heroku API. You can get a key via CLI using heroku authorization:create, and then use that API KEY in a patch call to heroku. More info on how to: https://devcenter.heroku.com/articles/platform-api-reference#config-vars

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.