My app uses iparams to store an api key. When I’m in developer mode, the app authenticates correctly and I can make API calls. But after I publish the app, the API calls return a 403 Forbidden error. I have verified that the API key is correct in dev and production. What could be the problem?
Here’s my iparams.json:
{
“api_key”: {
“display_name”: “API Key”,
“description”: “Please enter the API key to be used to authorize this application”,
“type”: “api_key”,
“secure”: true,
“data-bind”: “product.api_key”,
“required”: true,
“type_attributes”: {
“product”: “freshservice”
}
}
}
app.js:
var headers = {“Content-type”: “application/json”,
“Authorization”: “Basic <%= encode(iparam.api_key) %>”};
var options = { headers: headers };
function loadJson(api_url) {
return response = new Promise(function(resolve) {
var url = api_url;
clientAPP.request.get(url, options)
.then (
function(result) {
if (result.status >= 200 && result.status < 300) {
resolve(result);
} else {
error_modal(error);
}
})
.catch (function(error) {
error_modal(error.message = "Could not retrieve data from " + url + ": " + error);
})
});
}