Skip to content

fix: Fix Pipes API destination auth by matching secret key format#6

Merged
kristopherchun merged 1 commit intomainfrom
kristopher/fix-basic-auth
Feb 20, 2026
Merged

fix: Fix Pipes API destination auth by matching secret key format#6
kristopherchun merged 1 commit intomainfrom
kristopher/fix-basic-auth

Conversation

@kristopherchun
Copy link

@kristopherchun kristopherchun commented Feb 20, 2026

Summary

  • _apply_connection_auth in the Pipes API destination target expected PascalCase nested keys (e.g. BasicAuthParameters.Username, ApiKeyAuthParameters.ApiKeyName) when reading connection secrets from SecretsManager
  • ConnectionService._get_secret_value() stores secrets using lowercase flat keys (e.g. {"username": ..., "password": ...} and {"api_key_name": ..., "api_key_value": ...})
  • This mismatch caused BASIC and API_KEY auth to silently resolve to empty strings, resulting in missing Authorization headers on outbound requests

Test plan

  • Verified locally with EventBridge Pipe (Kinesis → API Destination) using BASIC auth connection
  • Confirm API_KEY auth type also works with the updated key format

@kristopherchun
fix: Fix Pipes API destination auth by matching secret key format
d8c2c7e 
The _apply_connection_auth method expected PascalCase keys
(e.g. BasicAuthParameters.Username) when reading from SecretsManager,
but ConnectionService stores secrets using lowercase flat keys
(e.g. {"username": ..., "password": ...}). This caused BASIC and
API_KEY auth to silently fail with empty credentials.
@kristopherchun kristopherchun merged commit b68feeb into main Feb 20, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kristopherchun