DocumentationWorkfrontWorkfront Guide

Manage API keys

Last update: Wed Apr 01 2026 18:03:50 GMT+0000 (Coordinated Universal Time)

CREATED FOR:

  • Admin
IMPORTANT
Workfront no longer recommends the use of the /login endpoint or API keys. Instead, use one of the following authentication methods:
  • Server authentication with JWT
  • User authentication with OAuth2
For instructions on setting up these authentication methods, see Create OAuth2 applications for Workfront integrations
For instructions on using server authentication in Workfront, see Configure and use your organization’s custom OAuth 2 applications using JWT flow
For instructions on using user authentication in Workfront, see Configure and use your organization’s custom OAuth 2 applications using authorization code flow

In order to minimize API security vulnerabilities, Adobe Workfront administrators can manage the API Keys used to enable applications to access Workfront on behalf of a user.

You can reset or remove your current administrator API Key, configure API Keys to expire, and remove the API Keys for all users.

Examples of applications that leverage the Workfront API are:

  • Document integrations such as Dropbox, Google Drive, and Workfront DAM
  • Workfront mobile applications
IMPORTANT
When resetting or removing an API Key, any application that leverages the Workfront API and authenticates to Workfront via this API Key must be re-configured in order to regain access to Workfront.

Access requirements

Expand to view access requirements for the functionality in this article.
table 0-row-2 1-row-2 2-row-2 layout-auto html-authored no-header
Adobe Workfront package Any
Adobe Workfront license

Standard

Plan
Access level configurations You must be a Workfront administrator.

For information, see Access requirements in Workfront documentation.

Workfront API Keys

Each user in Workfront has a unique API Key. This key is generated on a per-user basis at the time the user accesses an integration that leverages the Workfront API (such as the Workfront mobile app or a document integration).

NOTE
API Keys you generate in the production environment are copied to your Preview environment during the weekly refresh. Any API Keys you generate in the Preview environment will be overwritten with your production API Keys during the weekly refresh.

Workfront administrators also have a unique API Key. When an application uses an administrator API Key to access Workfront, the application has administrator access to Workfront.

Manage an administrator API key

You can generate, reset, or remove the API Key for your administrator user account.

  1. Click the Main Menu icon Main Menu in the upper-left corner of Adobe Workfront, then click Setup Setup icon .

  2. Click System > Customer Info.

  3. (Conditional) Perform one of the following actions:

    To generate an API Key: In the API Key Settings section, click Generate API Key.

    Or
    To reset an API Key: In the API Key Settings section, click Reset, then Reset.

    Or

    To remove the API Key: In the API Key Settings section, click Remove, then Remove.

Configure when API keys expire

You can configure API Keys to expire for all users in your system. When the API Key of a user expires, the user must re-authenticate to any applications that use the Workfront API to access Workfront. You can change the frequency with which the API Keys expire. You can also configure whether API Keys expire when the password of a user expires.

  1. Click the Main Menu icon Main Menu in the upper-left corner of Adobe Workfront, then click Setup Setup icon .

  2. Click System > Customer Info.

  3. In the API Key Settings area, in the After creation, API keys expire in drop-down list, select the timeframe when you want the API keys to expire.

    When you change this option, the new timeframe begins from the time that you made the change. For example, if you change this option from 1 month to 6 months, the API Keys expire 6 months from the time you make the change.

    By default, API Keys expire each month.

  4. To configure API Keys to expire at the time the users’ passwords expire, enable Remove API key when a user’s password expire.

    By default, this option is not enabled.

    For information about how to configure user passwords to expire, see Configure system security preferences.

  5. Click Save.

Remove the API keys for all users

If you are concerned about a particular security breach regarding your Workfront system, you can remove API Keys simultaneously for all users.

IMPORTANT
Removing API Keys for all users invalidates ALL of the API Keys for all the users in the system. This action will cause all of your integrations in Workfront to fail until you generate a new API Key in Workfront and update all your integrations.

  1. Click the Main Menu icon Main Menu in the upper-left corner of Adobe Workfront, then click Setup Setup icon .

  2. Expand System, then click Customer Info.

  3. In the API Key Settings area, click Remove all API keys, then click Remove All.

recommendation-more-help
5f00cc6b-2202-40d6-bcd0-3ee0c2316b43