Allow for integration via OAuth 2.0 Service Accounts

Ask: Support OAuth 2.0 Service Accounts for auth on the Aha! API

Background: We use SSO (Okta) for user authentication (Aha! doesn't know about passwords by design).  We also have a set of scheduled tasks (scripts) that query the Aha! API, summarize data, and build dashboards.  It would be very handy if these scripts could integrate with the Aha! API using Service Accounts (cryptographic signing) instead of a username and password (BASIC).  This would allow for a more secure implementation and would allow for service integration without a license allocated to a "bot" user.

  • Alan Poole
  • May 26 2016
  • Already exists
Release time frame
  • May 27, 2016

    Admin Response

    Thank you for the request. We do currently support Oauth for API access. Please see detailed documentation here: http://www.aha.io/api/oauth2 

  • Attach files
  • Guest commented
    October 14, 2016 20:51

    The current oauth flows (authorization code and implicit grant) do not work for server-to-server authentication in which there is no user interaction with a browser (i.e., the situation where the user is an API or a "bot" as Alan said).