Is this possible?

Is this possible?

I want to submit a feature request, but I am not sure if it is even possible.

1 I want to create a Catalyst based web app where the user logs in using their Zoho credentials.

2 After logging in, they will upload a service account JSON file for a Google API such as Dialogflow ES. The service account JSON file (and the secret key inside) will not be directly visible to my app. But it should be saved using a unique name which is provided by my app.

3 Zoho Catalyst manages the auth completely (safely storing access and refresh tokens), and just hands me the specific access token for the API on demand whenever I ask for an access token for this uniquely-name-service-account. ZC, behind the scenes, will generate this access token by using the credentials stored inside the service account JSON file.

4 This removes me (the developer) from the picture and Zoho becomes entirely responsible for keeping the API secret safe.

By the way, service accounts are different from the OAuth flow where a user gives an app the permission to access their (say) Google Drive. In that case, you can get a single-use access token valid for 60 minutes, and force the user to reauthenticate if the session exceeds 60 minutes.

Here I am talking about a scenario where, say, I host someone's Dialogflow bot backend within my app. Google calls them server-to-server applications. I could still do this by asking the user to authenticate, getting the refresh and access tokens, and then storing the refresh token in my DB. Problem is, now I become responsible for keeping this refresh token secure. I want to know if there is a service to which I can outsource this.

By the way, technically, Zoho is already doing this when you allow a user to integrate Zoho SalesIQ with their Dialogflow ES chatbot. You are already storing the refresh token, which is used to generate a new access token each time the bot responds to the user message. I just want this same functionality available as an external service. :-)

Is something like this even possible?

    • Announcements

    • Important Announcements in Support for Catalyst Features

      Hello Catalyst Users, This announcement is to bring to your notice some of the recent updates in our support for various Catalyst components, to ensure that your existing Catalyst applications function properly. You can continue to build robust applications

    • Introducing Catalyst 2.0, the simplest cloud-based pro-code development platform.

      Dear Catalyst Community, We are beyond thrilled to present you Catalyst 2.0—the new-age, pro-code development platform that redefines the way you build, deploy, and scale apps. Catalyst 2.0 is not a mere upgrade, but a significant leap into the future

    • Set budgets to optionally disable your Catalyst production environment

      Hello all,    We are pleased to inform you that you can now configure the automatic disabling of a project's production environment upon reaching a specified budget's threshold. Budget alerts in Catalyst facilitate setting usage limits in amounts or Catalyst

    • #CatalystServerless Hackathon 2022

      We are pleased to announce #CatalystServerless Hackathon with prizes worth $5000 up for grabs. Create a working prototype aimed to solve a critical business issue using Catalyst and stand a chance to win exciting prizes. The Hackathon will happen in 3

    • Share your interest to participate in the #CatalystServerless Blogathon

      Hi, we are working on announcing the next edition of the #CatalystServerless Blogathon. Please fill up this form to stay posted on all updates related to the Blogathon. https://zfrmz.com/JN9ChxPU9JQpPgB1vRp8

      Catalyst Community