The State Changers team met to discuss using Xero's API. Some key points of the meeting were troubleshooting a problem involving setting a call to generate a bearer token using client ID and client secret using basic authentication in Postman. It was noted that these must be base64 encoded without spaces for authorization.
The team realised that there was an error: a literal space and colon were present where there should not have been, hence the problem with the translation. They then discussed using basic authorization for Xano and Integromat and acknowledged the need to encode the client ID and client secret in base64. They also talked about the various types of authorization and encryption, as well as touching on the differences in the lifespan of an access token. A key point of discussion was ensuring the customer keys' security, and the team experimented to see the output of the base64 encoding process. All in all, the meeting focused extensively on solving issues related to API authentication, protecting client keys and token generation with the help of tools like Postman, Xano, and Integromat.
(Source: Office Hours 10/18 )
