I want to create a whatsapp integration for APM. Meta wants me to provide them with an endpoint which can receive GET/POST Requests on Anonymous endpoints.
Frappe provides me with a way to expose REST API using @frappe.whitelist decorator, however it makes it mandatory for the caller to provide with a token. WhatsApp integration can’t fetch that token.
Is there a way to expose anonymous REST API from frappe ?
@frappe.whitelist(allow_guest=True) should work.
allow_guest did solve the issue. Here’s a pickle I am in. I wanted this method to be called from a webhook and hence guest works.
However after the API is called, I want to elevate the privilege and create some entities which are available only for a few roles. Is there an API which helps me impersonate admin or some other user for the part of the code in the webhook ?
in hooks you can use somthing like this
auth_hooks = [“hfrr.auth_module.auth_api.Authhookmethood”]
to override the standard authentication and this method will called before calling any whitelist method
AuthToken = frappe.get_request_header("WhatsAppToken", "")
form_dict = frappe.local.form_dict
request_type = frappe.request.path[1:].split("/", 3)