Authorization header for GPTs actions

Hubris · November 26, 2023, 2:45pm

Hey there - I’ve been trying to make my custom GPT make API calls to an external database with an Authorization:<api_key> in the header but so far without success, the bot will just ignore the security component in the schema and only construct the parameters in the request’s body.

I am also confused about where I should store the API key. More specifically should I select the basic bearer or custom mode of Authentication?

any help appreciated, particularly if you can share a shema template that works, I have been using something like this but without success:

{
  "openapi": "3.1.0",
  "info": {
    "title": "Your API Title",
    "version": "1.0.0",
    "description": "Description of your API"
  },
  "servers": [
    {
      "url": "https://api.yourdomain.com/v1"
    }
  ],
  "paths": {
    "/yourEndpoint": {
      "get": {
        "summary": "Your endpoint summary",
        "operationId": "getYourEndpoint",
        "responses": {
          "200": {
            "description": "Successful response",
            "content": {
              "application/json": {
                "schema": {
                  "type": "object",
                  "properties": {
                    "data": {
                      "type": "string"
                    }
                  }
                }
              }
            }
          }
        }
      }
    }
  },
  "components": {
    "securitySchemes": {
      "ApiKeyAuth": {
        "type": "apiKey",
        "in": "header",
        "name": "Authorization"
      }
    }
  },
  "security": [
    {
      "ApiKeyAuth": []
    }
  ]
}

Thanks!

callum.bradbury · November 26, 2023, 2:50pm

In authentication:

set the Authentication Type to API Key
set the Auth Type to Custom
set the Custom Header Name to ‘Authorization’
set the API Key to be your API key

That should work… theoretically.

Hubris · November 26, 2023, 2:52pm

Thanks Callum, do you have to encode the API key somehow or just paste it raw?

callum.bradbury · November 26, 2023, 3:31pm

Just pasting it in raw will be fine, that’s what I’m doing anyway and it’s all gucci

bloodlinealphaDev · November 26, 2023, 5:59pm

I am trying to do the same thing except with using the api key as a query param. GPT does not seem to recognize this. I have the API key set in the authentication section, I have tried using “basic” and “custom”, with neither working.

"components": {
  "schemas":{
    "securityschemes": {
    "ApiKeyAuth":{
        "type": "apiKey",
        "in": "query",
        "name": "apikey"
      }
    }
  }
  },

callum.bradbury · November 26, 2023, 6:11pm

I honestly don’t think the GPT even cares about the securityschemes part of the schema. Pretty sure you can put whatever you want in there, all it cares about are the request definitions and the server url. I’m not even convinced it cares about the response definitions, and just figures it out on the fly when it gets one back.

Topic		Replies	Views
Has anyone managed to set up API authorization connection for GPTs? Plugins / Actions builders chatgpt , api	5	2358	November 14, 2023
GPTs won't recognize API authorizations? Plugins / Actions builders chatgpt , api , gpts	21	2889	November 16, 2023
GPT Actions, Bearer token authorization Plugins / Actions builders authentication , actions	9	2209	September 19, 2024
Acions, authentication without the use of GUI for endpoints Plugins / Actions builders authentication , actions	4	752	November 22, 2023
Setting api key in a JSON schema for a GPT Plugins / Actions builders gpt-4 , chatgpt	0	1250	November 28, 2023

Authorization header for GPTs actions

Related Topics