Delightful dinner tonight at Oceanaire with my brother and his wife. Yum!

Four people smiling at a round white-tablecloth table in a dim restaurant booth, with desserts and drinks in front of them.

Very first espresso from my new Breville Oracle espresso machine. I’m impressed with the capabilities and the quality of the espresso. ☕️

Breville Oracle espresso machine brewing dual espresso shots into two decorated white ceramic cups

Ordered End of Trust, McSweeney’s Issue 54 done in collaboration with the EFF! 💜

Just signed up for a 4th site on Blot. This one will be to finally get a decent site for my Book Club.

Using API Credentials in Shortcuts

Shortcuts on iOS can do incredibly powerful things, and with a little bit of extra magic you can connect to most API’s as well. Pulling data from API’s, manipulating it, and extending your shortcuts is really powerful. However, you need to have a good way to manage the authentication tokens and secrets for those APIs.

Most Shortcuts I have seen use a Text variable and put the token in that variable. It’s then used throughout the Shortcut. This works, but it exposes problems if you share that Shortcut. It also has issues if you use the same API in multiple Shortcuts. You are now copying that token in numerous places.

Another approach that I prefer is to create Shortcuts that do nothing but return those tokens. You can then call those Shortcuts from another Shortcut to get the token. I prefix these Shortcuts with the prefix “Secret”.

Four red iOS Shortcut tiles labeled Secret/Pinboard Token, Secret/MailChimp, Secret/Toggl API Token, and Secret/Working Copy Key, each showing a padlock icon.

Then when I need to use an token for an API I call the Shortcut and then reference the magic variable returned from it. You can even hide the execution of that second Shortcut.

Apple Shortcuts editor showing three actions: Ask for Input asking How many links with default 10, then two Run Shortcut actions calling Secret/Pinboard Token and Secret/Working Copy Key.

In addition to reuse, you also get other benefits from this approach. Your Secret Shortcut can have some logic. For example, I access Working Copy from Shortcuts and it does so with a local URL call, protected with a random key. That key is specific to each iOS device. So, rather than try to synchronize the keys I have the Secret shortcut return whatever key is right for the device that is running.

iOS Shortcuts editor showing three chained actions: Get Device Details set to Device Name, a Dictionary mapping two device names to secret keys, and Get Dictionary Value retrieving a value by Device

I do a similar thing with MailChimp’s API token that requires some encoding be applied to it.

I find this a better way to manage these secret tokens, get reuse, and make it easier to change them. 👍

This post is part of the Shortcuts Collection.

Tammy and I had an amazing dinner at Popol Vuh last night. Guacamole, Jicama Salad, Costilla, and Carne Asada. Everything was delicious and so flavorful! The drinks were amazing as well!

Candlelit restaurant table with a frothy cocktail garnished with a dried orange slice, a bowl of tortilla chips, a small dish of guacamole, and drinks including an orange cocktail and water glasses.

Updating firmware FTW! This time the Joule Sous Vide.

Joule Sous Vide app screen showing firmware update in progress at 41.3 percent, uploading file 2 of 2.

Tammy’s sisters and my brother-in-laws escaped Breakout - Operation: Casino in 45 minutes! 🙌💪🔓 Room 25!

Group of eight people posing at Breakout escape room holding signs for Operation Casino and We Broke Out 45:00

I’ve used an Airport Express (Gen 1) with an auto-switching amp to get AirPlay audio. The Airport Express is discontinued now. Sonos Amp does what I want, but is 3 times the cost. Recommendations on better solutions?

Quiet Friday night putting together tomorrows issue of the Weekly Thing. 👨‍💻