Skip to main content
When Membrane makes requests to your API, it will use configuration from the Internal API settings in your workspace

Authentication and API Client

You can configure how Membrane will authenticate with your API by choosing an authentication method and providing the necessary configuration. This configuration follows the same structure as Authentication in Connector Builder in connectors.

Credentials

Since there is no explicit process of creating a connection between Membrane and your API, you need to provide initial credentials yourself.

Credentials Schema

Credentials Schema is a JSON Schema that describes the structure of credentials you need to authenticate requests to your API.

Initializing Credentials

There are a few ways of initializing the user’s credentials. Providing credentials when initializing Membrane Javascript SDK: 
import { MembraneClient } from '@membranehq/sdk'

const membrane = new MembraneClient({
  token: '{TOKEN}',
  credentials: {
    apiKey: '{USER_API_KEY}',
  },
})
Alternatively, you can provide a fetchCredentials method that returns credentials asynchronously: 
import { MembraneClient } from '@membranehq/sdk'

const membrane = new MembraneClient({
  token: '{TOKEN}',
  fetchCredentials: () => fetch('/user-credentials').then((res) => res.json()),
})

Whenever you provide credentials or fetchCredentials, the SDK will associate them with the current user and use them to authenticate requests going forward. You can also update credentials for the current user at any time via SDK or API: 
await membrane.self.patch({ credentials: newCredentials })

Refreshing Credentials

If you use OAuth2 authentication type, Membrane will automatically refresh credentials when HTTP 401 response code is received. It will follow the standard OAuth2 token refresh flow: Refreshing Access Token.