Add an ablity to have dynamic function to generate a bear token and cache it for certain time for webhook

[mohanrao]

Hi,

Most of the webhooks could be secured in some way to pass the authroization header.

Now this authorization header could be generated by calling an external api and can be cached for certain time. Will it be good to have some dynamic way to achieve this via a function ?

[acco]

Hey @mohanrao, trying to understand your use case. Sounds like you need to dynamically generate an auth token by making an HTTP call to some other endpoint? Mind helping me understand why using a hard-coded auth token won't work for you?

[mohanrao]

Hi @acco . Auth token is like JWT which will have a time of expiry . so it needs to be dynamically created

[acco]

Hi @mohanrao - any way you can provide a little more detail around why you need to do this? It sounds like an obscure need. Understanding the context can help us prioritize appropriately.

I understand at a high level what you need to be able to do (use a long-live token in Sequin to retrieve a JWT to call a service). I'm just trying to understand at a lower level/from a requirements perspective what services you're trying to string together here.

Thanks!

[mohanrao]

Hi @acco — totally understand the need for deeper context, happy to share more detail.

We’re integrating with several downstream services through webhooks. Some of these services require short-lived Bearer tokens (typically JWTs) that must be obtained via a separate HTTP call (e.g., using a client credentials flow or API key authentication). These tokens usually expire in 5–15 minutes.

Since Sequin triggers the webhooks on certain events, we can’t use a static/hardcoded token—it will likely be expired by the time the webhook fires. Instead, we need the ability to dynamically generate the token on-demand via a small function or request, and cache it briefly (e.g., in-memory for 5 minutes) to avoid calling the token endpoint on every single webhook execution.

Here’s a rough example of what we’re thinking:

async function getAuthToken() {
  if (tokenCache.valid()) {
    return tokenCache.get();
  }
  const response = await fetch("https://auth.example.com/token", {
    method: "POST",
    headers: { "Authorization": "Basic XYZ" },
    body: "grant_type=client_credentials"
  });
  const { access_token, expires_in } = await response.json();
  tokenCache.set(access_token, expires_in);
  return access_token;
}

Then use this token as part of the Authorization header for the webhook call.

Let me know if this helps clarify, or if I can provide a concrete example with a specific service. Thanks again!

[mohanrao]

@acco please let me know if i have to add more context to this . Looking forward for you reply