Allow for integration via OAuth 2.0 Service Accounts

Ask: Support OAuth 2.0 Service Accounts for auth on the Aha! API

Background: We use SSO (Okta) for user authentication (Aha! doesn't know about passwords by design).  We also have a set of scheduled tasks (scripts) that query the Aha! API, summarize data, and build dashboards.  It would be very handy if these scripts could integrate with the Aha! API using Service Accounts (cryptographic signing) instead of a username and password (BASIC).  This would allow for a more secure implementation and would allow for service integration without a license allocated to a "bot" user.

  • Alan Poole
  • May 26 2016
  • Already exists
Release time frame
  • Attach files
  • Guest commented
    October 14, 2016 20:51

    The current oauth flows (authorization code and implicit grant) do not work for server-to-server authentication in which there is no user interaction with a browser (i.e., the situation where the user is an API or a "bot" as Alan said).