Authentication

UbiFunctions' URLs are publicly exposed. This means that anyone with the URL path can invoke your code.

To add an authentication layer to your function, add a preliminary step before execution to check the token in the request.

Ubidots automatically passes the content of the X-Auth-Token header as a function argument:

Request Header

Key inside Function

X-Auth-Token

TOKEN

See a Python example below:

import requests as rq
import json

'''
Returns True or False based on the validity of the token
'''

def account_auth(token):

    response = {
        200: True,
        403: False
    }

    HOST = "https://industrial.api.ubidots.com"
    PATH = "/api/v1.6/user_check/"
    PARAMETERS = "?token={}".format(token)
    URL = "{}{}{}".format(HOST, PATH, PARAMETERS)

    r = rq.get(URL)

    code = r.status_code

    return response[code]

def main(args):

    token = args.get("token", None)

    if token is None:
        return {"ERROR": "Missing token"}

    valid = account_auth(token)

    if valid is not True:
        return {"ERROR": "Token not valid"}

Please note that the function still executes even if the token is invalid, and it still counts toward your usage. We are working on a new method to optionally authenticate a function the same way you authenticate any Ubidots API request.

PreviousTesting an UbiFunction NextExecution Time

Last updated 7 days ago

Was this helpful?