Use Mutual TLS in HTTP modules in Adobe Workfront Fusion

Last update: 2023-11-15
  • Created for:
  • User

Adobe Workfront Fusion requires an Adobe Workfront Fusion license in addition to an Adobe Workfront license.

Mutual TLS overview

When you send data over the internet, it’s important to ensure that it goes to or comes from the correct location and that only the intended recipient can read it. With TLS enabled, the client (computer requesting information) uses certificates to verify the identity of the server (computer providing information). This makes secure HTTP connections.

Mutual TLS allows this identity confirmation to go both ways. When the server sends its certificate to verify its identity to the client, it also requests the client’s certificate. This ensures that the server does not send information to a site or user that would misuse it.



  • TLS: When a person types “” into a browser, they want to be sure that they are going to My Great Bank, not a website that might misuse or sell their banking information. They also want to be sure their bank account information is encrypted.

    When the browser (the client) connects to (the server), TLS requires a certificate from to verify its identity. The certificate is provided by a certificate authority such as DigiCert or Thawte. Because the browser trusts the certificate authority, it allows the connection.

  • Mutual TLS: is a software client that needs information from the API. MyGreatBank allows only trusted clients to connect to their servers. So, in addition to the regular TLS verifying the identity of, the TLS/certificate authority process also verifies the request from

Access requirements

You must have the following access to use the functionality in this article:

Adobe Workfront plan*

Pro or higher

Adobe Workfront license*

Plan, Work

Adobe Workfront Fusion license**

Current license requirement: No Workfront Fusion license requirement.


Legacy license requirement: Workfront Fusion for Work Automation and Integration


Current product requirement: If you have the Select or Prime Adobe Workfront Plan, your organization must purchase Adobe Workfront Fusion as well as Adobe Workfront to use functionality described in this article. Workfront Fusion is included in the Ultimate Workfront plan.


Legacy product requirement: Your organization must purchase Adobe Workfront Fusion as well as Adobe Workfront to use functionality described in this article.

*To find out what plan, license type, or access you have, contact your Workfront administrator.

**For information on Adobe Workfront Fusion licenses, see Adobe Workfront Fusion licenses

Providing your Workfront Fusion public certificate

When you connect to a web service with an HTTP request, the web service usually requires a Workfront Fusion public certificate for verification. This allows the web service to compare the certificate presented in the HTTP request to the one on file, as a way to ensure that the certificate is on the web service’s allowlist.

For instructions on uploading the Adobe Workfront Fusion public certificate to a web service, see the web service’s documentation.


You may need to provide other information in addition to the certificate. For information on what a web service requires, see the web service’s API documentation.

You can use the following links to download the Workfront Fusion public certificates:

Certificates for May 25, 2023 - June 9, 2024

  • These Workfront Fusion public certificates expire on June 9, 2024. After yours expires you will need to upload a new certificate to the web service. We recommend that you:

    • Make note of the expiration date and set a reminder for yourself to upload the certificate to your web service.
    • Bookmark this page to easily find the new certificates.
  • These are non-wildcard mTLS certificates.

Enabling Mutual TLS in Workfront Fusion HTTP modules

All Workfront Fusion HTTP request modules have the option to enable Mutual TLS.

To enable Mutual TLS in an HTTP request module:

  1. Add an HTTP request module to your scenario.

  2. Begin configuring the module.

    For instructions on configuring an HTTP request module, see the appropriate article under HTTP modules.

  3. Enable Show advanced settings near the bottom of the module.

  4. Enable Use Mutual TLS.

On this page