Authorization Headers are not supported

[bennycode]

I am trying to use api to make request to Alpaca. The Readme.io demo page shows me that I can add Authorization Headers for the API Key & API Secret. When I follow the example, my code crashes with the following message:

Error: Sorry, this operation currently requires multiple forms of authentication which this library doesn't yet support.

Here is the example:

import api from 'api';
const sdk = api('@testalpacadocs/v1#zryj16ll4d1dl0');

sdk.auth(process.env.API_KEY);
sdk.auth(process.env.API_SECRET);

await sdk.postOrder({side: 'buy', type: 'market', time_in_force: 'day'});

Screenshot

[erunion]

So yeah api does support authorization headers, but it doesn't support API endpoints that have multiple forms of auth because sdk.auth() has no way of knowing which security scheme, and authorization header, to apply that value to.

We've had some ideas on how to improve this, like adding a second argument to sdk.auth('API-KEY', 'x-api-key') to let you specify the header to attach it to but that conflicts with sdk.auth's handling of basic auth.

Will leave this open for discussion.

[bennycode]

Getting this integrated would be a big enabler. Is there any workaround for me as a developer to set headers on the SDK? Can I access some internal variables or apply an interceptor to add the necessary header information?

[erunion]

There's unfortunately no workarounds at the moment.

[konhi]

I use API that requires 2 secrets, so it's really a blocker in using this lib. At least workaround would be great 🙏

[fl0wo]

Wow that's like the first thing I'd do when implementing such tool :)

@erunion is there anything we can do to help? Or is there a reason why it HAS to be like this?

[bombillazo]

Hey, any futher discussion on this topic? Having some way to customize the auth would be super beneficial for more complex APIs