Merge pull request #194 from seamapi/seam-client-fix

fix: don't consider JWT tokens as API Key authentication values

Author: matt-the-dev

src/seam-connect/client.ts

@@ -148,6 +148,11 @@ export class Seam extends Routes {
   }
 }
 
+const isValueUsedForBearerAuthentication = (value: string) =>
+  value.startsWith("seam_at") ||
+  /** Exclude JWT tokens as well */
+  value.startsWith("ey")
+
 const makeRequest = async <T>(
   client: Axios,
   request: AxiosRequestConfig
@@ -201,7 +206,7 @@ const getAuthHeaders = ({
       )
       return { "client-session-token": apiKey }
     }
-    if (!apiKey.startsWith("seam_at") && workspaceId)
+    if (!isValueUsedForBearerAuthentication(apiKey) && workspaceId)
       throw new Error(
         "You can't use API Key Authentication AND specify a workspace. Your API Key only works for the workspace it was created in. To use Session Key Authentication with multi-workspace support, contact Seam support."
       )