Access Token from User Login
AnsweredHi - Is there a way to get the access token from the user login (without the need to set up a client id and a client secret)? Like some kind of url call to https://app.wdesk.com/a/<workspaceId>/auth/token?
-
Hi Mark, the Client ID and Client secret is attached to an OAuth2 Grant rather than a user. The OAuth2 Grant does need a username associated to it which is used for audit trails, and access and permissioning among other things inside of Workiva. The Client ID and Client Secret can be used to generate a Bearer Token which is used to authenticate to Workiva APIs. Bearer Tokens cannot be generate directly with a user account only and therefore it is not possible to get a Bearer Token from a user's login session. If you would like to learn more about OAuth2 Grants and Bearer Tokens, please see this Developers Setup documentation and the Developers Authentication documentation.
If your question is more along the lines of generating a snapshot of the user's within your Organization and to gain information such as last login, this can be done from the Organization Admin panel by viewing and/or exporting the People report. More details on how to do that is documented here https://support.workiva.com/hc/en-us/articles/360035646372-Export-User-Details. Alternatively, this same report can be generated via the Admin API.
0Thanks - how do you then validate in the backend if the user is authorized to perform each action in wDesk? Basic Auth with username and password combination?
0For a user to access Workiva, basic authentication can be used. We support a number of more secure authentication methods which are outlined here for classic https://support.workiva.com/hc/en-us/articles/360036003011-Authentication-Settings, and Next Generation documentation is here https://support.workiva.com/hc/en-us/sections/360007126292-Organization-Admin#360007219891.
0Please sign in to leave a comment.
Comments
3 comments