2

I have integrated Attask with SAML using Third party IDP (ADFS). I have my web application which also supports SAML and configured with same IDP. I am able to login using IDP in both application (Attask and My app) and able to access Attask application from my app and vice-verca.

Now I have to create project inside Workfront from my app. I am able to create project with admin username/password using rest API call. But when I goto workfront page with help of SSO I am not able to see the project. Because this project got created using admin credentials. This is the main problem which I need to sort out.

I have to create project with current logged in user with the help of rest API.

Does Attask support Oauth token to access API?

Could anyone suggest some good approach. Any help will be highly appreciated!!!

ManojP
  • 6,113
  • 2
  • 37
  • 49

2 Answers2

2

NO workfront API does not work with Oauth at this time. to authenticate you are required to either provide a username/password, sessionID or apiKey. Your best approach would be to add logic to set the user as the project Owner. This way the projects will show up.

michael johnson
  • 757
  • 1
  • 4
  • 10
  • Yes, thats how I was trying to implement but before assigning Project Owner this user need to be created in WF. Again there is no official rest api for creating user :( – ManojP Apr 15 '15 at 07:07
  • You can create a user in the Rest API you would make a post using the USER object providing the required fields. firstName lastName and email as well as not required but is to be able to login accessLevelID – michael johnson Apr 15 '15 at 16:27
1

Side stepping the issue of SSO, I am only addressing your concern about creating a project (or any object) from a user. Many objects in the Workfront API will simply ignore a enteredBy or createdBy type value that is passed in. For example, if I try to attach a note to a project and pass an owner=123.. UID in, it will still set the owner to the authenticated user for the API. If you are using an API key, that will be your admin's username.

To get around this, you need to login as the user you want to own the object using a little trick. It turns out that you can pass the API a username and an a API key instead of password. For example

http://idt.attask-ondemand.com/attask/api/v4.0/login?username=bob.jones@mysite.com&apiKey=6dd3je2u0tpt7lffjg3h6qnl3xzaabjq

That will return a session ID associated with Bob Jones. Now any objects you create using that session ID will come from Bob. Just remember to log back in as the correct user for the API before doing anything else.

I use this code to write updates from other users.

Craig
  • 326
  • 2
  • 12