Sign in to Community
Sign in to view all badges
Expand my Community achievements bar.
Workfront OAuth2 M2M flow essentially creates a session ID bound to the user that created the app integration within Workfront using the UI.
I'm looking to provide the external app with an authentication method that it can use indefinitely with no maintenance. So I have a few questions:
1. Will the external app be able to authenticate if the user password expires?
2. Will the external app be able to authenticate if the user is disabled in Workfront (not deleted)?
3. Is the only requirement for this authentication to work that the user who created the integration continues to exist in Workfront?
4. Does Event Subscriptions API support this authentication method or is it required to still authenticate those requests with the API Key?
I got an answer from engineering support.
2. No, the user needs to be active
4. Yes. Make sure you use sessionId as the authentication header, eg: