{"id":34733571,"url":"https://github.com/tracy-codes/turn14-api-auth","last_synced_at":"2026-05-24T01:31:55.808Z","repository":{"id":35184365,"uuid":"168055072","full_name":"tracy-codes/turn14-api-auth","owner":"tracy-codes","description":null,"archived":false,"fork":false,"pushed_at":"2022-12-02T21:45:55.000Z","size":139,"stargazers_count":2,"open_issues_count":4,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-05-20T10:55:37.596Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/tracy-codes.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-01-28T23:28:56.000Z","updated_at":"2023-09-25T08:31:28.000Z","dependencies_parsed_at":"2023-01-15T15:40:22.402Z","dependency_job_id":null,"html_url":"https://github.com/tracy-codes/turn14-api-auth","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/tracy-codes/turn14-api-auth","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tracy-codes%2Fturn14-api-auth","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tracy-codes%2Fturn14-api-auth/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tracy-codes%2Fturn14-api-auth/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tracy-codes%2Fturn14-api-auth/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/tracy-codes","download_url":"https://codeload.github.com/tracy-codes/turn14-api-auth/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/tracy-codes%2Fturn14-api-auth/sbom","scorecard":{"id":896471,"data":{"date":"2025-08-11","repo":{"name":"github.com/tracy-codes/turn14-api-auth","commit":"1df77992862076bd0c5dabaeef8ae5fe94062c61"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":1.7,"checks":[{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"Code-Review","score":0,"reason":"Found 0/10 approved changesets -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: LICENSE:0","Info: FSF or OSI recognized license: MIT License: LICENSE:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Signed-Releases","score":-1,"reason":"no releases found","details":null,"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'master'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 10 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}},{"name":"Vulnerabilities","score":0,"reason":"32 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: GHSA-93q8-gq69-wqmw","Warn: Project is vulnerable to: GHSA-cph5-m8f7-6c5x","Warn: Project is vulnerable to: GHSA-wf5p-g6vw-rhxx","Warn: Project is vulnerable to: GHSA-jr5f-v2jv-69x6","Warn: Project is vulnerable to: GHSA-v6h2-p8h4-qcjw","Warn: Project is vulnerable to: GHSA-grv7-fg5c-xmjg","Warn: Project is vulnerable to: GHSA-3xgq-45jj-v275","Warn: Project is vulnerable to: GHSA-gxpj-cx7g-858c","Warn: Project is vulnerable to: GHSA-w573-4hg7-7wgq","Warn: Project is vulnerable to: GHSA-ff7x-qrg7-qggm","Warn: Project is vulnerable to: GHSA-74fj-2j2h-c42q","Warn: Project is vulnerable to: GHSA-pw2r-vq6v-hr8c","Warn: Project is vulnerable to: GHSA-jchw-25xp-jwwc","Warn: Project is vulnerable to: GHSA-cxjh-pqwp-8mfp","Warn: Project is vulnerable to: GHSA-8r6j-v8pm-fqw3","Warn: Project is vulnerable to: MAL-2023-462","Warn: Project is vulnerable to: GHSA-pfrx-2q88-qq97","Warn: Project is vulnerable to: GHSA-6c8f-qphg-qjgp","Warn: Project is vulnerable to: GHSA-952p-6rrq-rcjv","Warn: Project is vulnerable to: GHSA-f8q6-p94x-37v3","Warn: Project is vulnerable to: GHSA-vh95-rmgr-6w4m","Warn: Project is vulnerable to: GHSA-xvch-5gv4-984h","Warn: Project is vulnerable to: GHSA-c2qf-rxjj-qqgw","Warn: Project is vulnerable to: GHSA-4g88-fppr-53pp","Warn: Project is vulnerable to: GHSA-4jqc-8m5r-9rpr","Warn: Project is vulnerable to: GHSA-3jfq-g458-7qm9","Warn: Project is vulnerable to: GHSA-r628-mhmh-qjhw","Warn: Project is vulnerable to: GHSA-9r2w-394v-53qc","Warn: Project is vulnerable to: GHSA-5955-9wpr-37jh","Warn: Project is vulnerable to: GHSA-qq89-hq3f-393p","Warn: Project is vulnerable to: GHSA-f5x3-32g6-xq36","Warn: Project is vulnerable to: GHSA-332q-7ff2-57h2"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}}]},"last_synced_at":"2025-08-24T13:54:16.213Z","repository_id":35184365,"created_at":"2025-08-24T13:54:16.213Z","updated_at":"2025-08-24T13:54:16.213Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":33418547,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-23T22:14:44.296Z","status":"ssl_error","status_checked_at":"2026-05-23T22:14:43.778Z","response_time":53,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-12-25T03:19:12.846Z","updated_at":"2026-05-24T01:31:55.781Z","avatar_url":"https://github.com/tracy-codes.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Turn14 API Auth Provider\n\nThis package makes it easy to authenticate with Turn14's OAuth 2.0-based API. Their API requires you to provide a Client ID \u0026 Client Secret in exchange for a Bearer Token that you provide in the header of all requests. Their API is great, but the token they provide expires after ~ 3600 seconds (60 minutes), which means you either request a token just before each request you make, or you have a service that periodically renews a token that all your services can access.\n\n### Usage:\n\n- Please note that this module does return a Promise, so I recommend you use Async/Await to handle the Promise.\n- When requiring this module, you may call it whatever you like. There is only 1 function that is exported and it's set to the default\n\n```javascript\nconst turn14AuthProvider = require(\"turn14-api-auth\");\nconst clientId = process.env.clientId;\nconst clientSecret = process.env.clientSecret;\n\nasync function run() {\n  const bearerToken = turn14AuthProvider(client, clientSecret);\n  console.log(`My Bearer Token is ${bearerToken}`);\n}\n```\n\nThe above function will output `My Bearer Token is 123456789abcdefghijklmnopqrstuvwxyz` where the last string will be your bearer token. You can move on to implementing this in any way you'd like.\n\n### Real-World Example\n\nThe following function `getProductInventory` would be supplied with a correct Product ID from Turn14. From there, the function will perform the Oauth handshake with Turn14's API, then use the bearer token returned to make the GET request to the inventory API endpoint to get the product inventory for that specific product.\n\nI would give more detail and a more accurate example, but Turn14 has specific information that I must keep private amongst dealers, so this is about as far in as I can go.\n\n```javascript\nconst turn14AuthProvider = require(\"turn14-api-auth\");\nconst clientId = process.env.clientId;\nconst clientSecret = process.env.clientSecret;\nconst axios = require(\"axios\");\n\nasync function getProductInventory(productId) {\n  const bearerToken = await turn14AuthProvider(clientId, clientSecret);\n  const config = {\n    headers: { Authorization: `Bearer ${bearerToken}` }\n  };\n  const inventoryUrl = `https://api.turn14.com/v1/inventory/${productId}`;\n  return await axios.get(inventoryUrl, config);\n}\n```\n\n## Warnings\nPlease note, the Turn14 API does have a rate limit. Please read through Turn14's API Usage Policy for more details on the rate limits, as it is very important that you abide by them.\n\nIn my real world example above, you may notice that I am requesting a token within the `getProductInventory` function. This is great for an example or testing, but in the real world, you should have a separate function, or *service*, that runs in the background on a server somewhere out in the abyss of the *cloud*. This service should run periodically (my recommendation is once every 40-50 minutes) and insert the new bearer token into a database record. Every subsequent service you have running that makes requests to the Turn14 API should simply get that bearer token from your database and use that token, instead of obtaining a new token for each request. **This will surely get you rate limited/temporarily banned from using the Turn14 API**\n\n## Roadmap\n\n- Replace Axios package with native http module\n- Provide useful error messages \u0026 codes\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftracy-codes%2Fturn14-api-auth","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftracy-codes%2Fturn14-api-auth","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftracy-codes%2Fturn14-api-auth/lists"}