Your achievements

Level 1

0% to

Level 2

Tip /
Sign in

Sign in to Community

to gain points, level up, and earn exciting badges like the new
Bedrock Mission!

Learn more

View all

Sign in to view all badges

Adobe Summit is happening now. Discover what's next in customer experience.

Questions regarding OAuth2 M2M authentication


Level 1

Workfront OAuth2 M2M flow essentially creates a session ID bound to the user that created the app integration within Workfront using the UI. 

I'm looking to provide the external app with an authentication method that it can use indefinitely with no maintenance. So I have a few questions:


1. Will the external app be able to authenticate if the user password expires?

2. Will the external app be able to authenticate if the user is disabled in Workfront (not deleted)?

3. Is the only requirement for this authentication to work that the user who created the integration continues to exist in Workfront?

4. Does Event Subscriptions API support this authentication method or is it required to still authenticate those requests with the API Key?

1 Reply


Level 1

I got an answer from engineering support.

1. Yes

2. No, the user needs to be active

3. Yes

4. Yes. Make sure you use sessionId as the authentication header, eg:

sessionId: <access-token>