Obtain an API Key through your Workfront instance

Log In and obtain a Session ID through your API Client

Cookie Authentication

Return to Navigation

The Workfront API authenticates each request to ensure that you have the correct access privileges to perform the necessary operations.

Obtain an API Key through your Workfront instance

One way to authenticate your requests is to obtain an API Key. There are a few different ways to obtain an API Key, but the following is a method that doesn't require you to use an API client, or make any API calls. To obtain an API Key from your instance of Workfront:

  1. Log in to your instance of Workfront.

  2. Click Setup in the Global Navigation Bar.

  3. Click System> Customer Info.

  4. In the API Key Settings section, click Generate API Key.

  5. Your active keys are listed under Your User's API Key section

Attaching this API Key to your requests provides the highest level of authentication and validates your requests for all methods: GET, PUT, POST, and DELETE.

Remeber that your API key can be used to unlock your Workfront account and should never be documented or shared.

How to attach a key to your requests

A standard request will have a basic structure that resembles this format:

Your Domain.workfront.com/attask/API/v11.0/Object?Action&Parameters&Method

To pass your API Key along with your request, simply add the request parameter "apiKey" (note the case sensitivity) into your request, before listing the method:

Your Domain.workfront.com/attask/API/v11.0/Object?Action&Parameters&apiKey&Method

A request to create a project named "NEW PROJECT" would look similar to this, where {API KEY} is replaced with the API key that you obtained from your instance of Workfront:

Your Domain.workfront.com/attask/API/v11.0/project?name=NEW PROJECT&apiKey=apiKey&method=POST

Log In and obtain a Session ID through your API Client

Another method for authentication is to log in to your Workfront account through your API client. After you log in to your account, you can obtain a Session ID that works similarly to an API Key, except that it will expire with your session.

Here is an example of how to log in to your account using a request call in your API client:

Your Domain.workfront.com/attask/api/v11.0/login?username=Your WF login&password=Your WF password

This request will return a JSON response which contains your session attributes, including your new User and Session IDs. Attaching your Session ID to your requests using the "sessionID" (note case sensitivity) parameter to your requests will authenticate you for all methods.

How to attach your Session ID to your requests

Attaching your Session ID to requests is identical to passing your API Key, except that you replace the "apiKey" parameter with "sessionID". Your request will look similar to the following:

Your Domain.workfront.com/attask/API/v11.0/project?name=NEW PROJECT&sessionID=sessionID&method=POST

This is the same request that was outlined above, which creates a project called "NEW PROJECT", except the request will be validated with the "sessionID" parameter instead of the "apiKey" parameter.

How to log out

When a session is complete, you can use the following request to log out, preventing any further access with your current Session ID:

Your Domain.workfront.com/attask/api/v11.0/logout?sessionID=sessionID

Cookie Authentication

If your API Client is set up to accept cookies, logging in will also provide you with authentication through cookies. This allows you to pass certain requests without adding a Session ID or API Key to your call. However, these requests are limited almost exclusively to the GET method.