https://systematic.workato.com/t5/workato-pros-discussion-board/requesting-help-with-jwt-connector/m-p/12039#M4630 <P>Hi&nbsp;<a href="https://systematic.workato.com/t5/user/viewprofilepage/user-id/13305">@AMacourek</a>&nbsp;,</P><DIV><P>In Workato, this behavior usually happens because <STRONG>the <CODE>Authorization</CODE> header (and a few others)</STRONG> are treated as <STRONG>sensitive</STRONG> at the <STRONG>action level</STRONG>. So:</P><UL><LI><STRONG>Manually typing</STRONG> a token/key directly in the HTTP <STRONG>step header</STRONG> → often triggers a “sensitive field”/security validation error.</LI><LI><STRONG>Mapping a datapill</STRONG> (e.g., a token output from a previous step) → may still be blocked if it’s going into <CODE>Authorization</CODE> at the <STRONG>action</STRONG> level.</LI></UL><P>To make this reliable (and compliant), move the sensitive value to the <STRONG>connection layer</STRONG> or use one of the safest options below.</P></DIV><P><BR /><BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Https error page_ if add only bearer.png" style="width: 999px;"><img src="https://systematic.workato.com/t5/image/serverpage/image-id/2633iFA84745E8B419267/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="Https error page_ if add only bearer.png" alt="Https error page_ if add only bearer.png" /></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Https_ success_when add data pill after Bearer.png" style="width: 999px;"><img src="https://systematic.workato.com/t5/image/serverpage/image-id/2634iC6B60593E044691C/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="Https_ success_when add data pill after Bearer.png" alt="Https_ success_when add data pill after Bearer.png" /></span></P><P>Thanks and Regards,<BR />Shivakumara K A</P> Fri, 20 Mar 2026 15:23:28 GMT shivakumara 2026-03-20T15:23:28Z https://systematic.workato.com/t5/workato-pros-discussion-board/requesting-help-with-jwt-connector/m-p/12019#M4624 <P>I have a need to import from Apple Business Manager.&nbsp; &nbsp;I set up a JWT Connector to import the Key.</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="image.png" style="width: 200px;"><img src="https://systematic.workato.com/t5/image/serverpage/image-id/2625iDFA087C93F77B081/image-size/small/is-moderation-mode/true?v=v2&amp;px=200" role="button" title="image.png" alt="image.png" /></span></P><P>In the recipe, I then called this to generate the JWT and was able to get the access token.</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="image.png" style="width: 200px;"><img src="https://systematic.workato.com/t5/image/serverpage/image-id/2626i78485C62493F63BD/image-size/small/is-moderation-mode/true?v=v2&amp;px=200" role="button" title="image.png" alt="image.png" /></span></P><P>This works fine and the access token is valid.&nbsp; Now, my question is how can I use that access token?&nbsp; I cannot just add to a header with Authorization-Bearer as Workato errors out with it being sensitive field.</P><P>I would like to have a custom connector that does all of this, but I cannot find a way to have a multi-line password field to take in the key.&nbsp;&nbsp;</P> Wed, 11 Mar 2026 13:15:51 GMT https://systematic.workato.com/t5/workato-pros-discussion-board/requesting-help-with-jwt-connector/m-p/12019#M4624 AMacourek 2026-03-11T13:15:51Z https://systematic.workato.com/t5/workato-pros-discussion-board/requesting-help-with-jwt-connector/m-p/12039#M4630 <P>Hi&nbsp;<a href="https://systematic.workato.com/t5/user/viewprofilepage/user-id/13305">@AMacourek</a>&nbsp;,</P><DIV><P>In Workato, this behavior usually happens because <STRONG>the <CODE>Authorization</CODE> header (and a few others)</STRONG> are treated as <STRONG>sensitive</STRONG> at the <STRONG>action level</STRONG>. So:</P><UL><LI><STRONG>Manually typing</STRONG> a token/key directly in the HTTP <STRONG>step header</STRONG> → often triggers a “sensitive field”/security validation error.</LI><LI><STRONG>Mapping a datapill</STRONG> (e.g., a token output from a previous step) → may still be blocked if it’s going into <CODE>Authorization</CODE> at the <STRONG>action</STRONG> level.</LI></UL><P>To make this reliable (and compliant), move the sensitive value to the <STRONG>connection layer</STRONG> or use one of the safest options below.</P></DIV><P><BR /><BR /><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Https error page_ if add only bearer.png" style="width: 999px;"><img src="https://systematic.workato.com/t5/image/serverpage/image-id/2633iFA84745E8B419267/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="Https error page_ if add only bearer.png" alt="Https error page_ if add only bearer.png" /></span><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Https_ success_when add data pill after Bearer.png" style="width: 999px;"><img src="https://systematic.workato.com/t5/image/serverpage/image-id/2634iC6B60593E044691C/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="Https_ success_when add data pill after Bearer.png" alt="Https_ success_when add data pill after Bearer.png" /></span></P><P>Thanks and Regards,<BR />Shivakumara K A</P> Fri, 20 Mar 2026 15:23:28 GMT https://systematic.workato.com/t5/workato-pros-discussion-board/requesting-help-with-jwt-connector/m-p/12039#M4630 shivakumara 2026-03-20T15:23:28Z