I have a need to import from Apple Business Manager. I set up a JWT Connector to import the Key.
In the recipe, I then called this to generate the JWT and was able to get the access token.
This works fine and the access token is valid. Now, my question is how can I use that access token? I cannot just add to a header with Authorization-Bearer as Workato errors out with it being sensitive field.
I would like to have a custom connector that does all of this, but I cannot find a way to have a multi-line password field to take in the key.
Hi @AMacourek ,
In Workato, this behavior usually happens because the Authorization header (and a few others) are treated as sensitive at the action level. So:
- Manually typing a token/key directly in the HTTP step header → often triggers a “sensitive field”/security validation error.
- Mapping a datapill (e.g., a token output from a previous step) → may still be blocked if it’s going into
Authorizationat the action level.
To make this reliable (and compliant), move the sensitive value to the connection layer or use one of the safest options below.
Thanks and Regards,
Shivakumara K A
