Requesting a Nav auth token

You'll need to create a route on your server side that will request an auth token from Nav to then pass into the request for a CTA. These calls should not be made public and should only happen on your server.

A POST request to the correct API endpoint will provide you with the auth token to be used in future requests.

const express = require('express')
const fetch = require('node-fetch')

const app = express()
const port = process.env.PORT || 4000

app.post('/api/get-auth-token', isLoggedInMiddleware(), async function getAuthToken(req, res) {
  await fetch('https://api.sandbox.nav.com/partners/graphql', {
    // Our production URL is https://api.nav.com/partners/graphql
    method: 'POST',
    headers: {
      'Content-Type': 'application/json',
      'x-api-key': ApiKey, // KEEP SECRET
      'x-partner-id': PartnerID,
    },
    body: JSON.stringify({
      query: `
          query GetAuthToken($userID: String!) {
              authToken(userID: $userID)
          }`,
      variables: {
        userID: req.user.userId,
      },
    }),
  })
  const responseData = await response.json()
  res.json({ authToken: res.data.authToken })
})

app.listen(port, () => {
  console.log(`Listening on port ${port}`)
})

Once the handler has been made on your server side, on your client side you need to define a function that will be passed to the Nav Embedded CTA Widget constructor. You can learn more about the configurations you need on the client side in the next section.

async function getAuthToken() {
  const res = await fetch('/api/get-auth-token')
  const json = await res.json()
  return json.authToken
}