Create and manage API grants in Organization Admin

To access any Workiva API’s, users will need an API grant for authorization. Once you create an API grant for a user, you’ll be able to edit the grant’s details or delete the grant. However, only the user will be able to view their grant’s secret by regenerating the grant in their user profile.

Create an API grant

To begin creating an API grant:

1. In Organization Admin, click Security.
2. Click Provisioning.
3. Click Add Identity or Api.
4. Select Api Grant in the dropdown.

Enter the following information for the API grant:

1. For Client Name, enter a name that will help you identify this grant.
2. For Workspace, enter the workspace that this grant will be attributed to.
3. For Workiva Username, enter the username of the user who needs the grant for the API.
4. For Scopes, specify the action(s) the system can take on behalf of the user. For example, with the Spreadsheets API, add Spreadsheets (Read) and Spreadsheets (Write) so the user can access and edit spreadsheets.
5. For Expires, set when the grant should expire, based on your organization's security policies and preferences.
6. If necessary, enter a comma-separated list of IP Restrictions for the grant.
7. Click Add Grant to finish.

View API grant secret

Only the user can view their grant’s secret by going to the Security tab in their user profile, and then clicking the Regenerate option in the Actions dropdown next to the grant. The user can only view the secret once, so they’ll need to copy down the secret in a secure place. If they lose the secret, they’ll need to regenerate the secret again.

Manage API grants

You can edit a specific grant’s details or delete the grant by clicking the respective action in the Actions dropdown. However, you won’t be able to view the user’s grant secret for security purposes.