# Switching to API Clients

On 11th January 2023, Workato will move to API client authentication for Workato APIs. The legacy API key will no longer be accessible via the UI.

Workato recommends switching all usage of Workato API to API client authentication before the scheduled deprecation. Learn more about using API client for authentication.

Legacy API key deprecation

Legacy API keys will be supported until January 1, 2024 and will be deprecated thereafter. All API requests authenticated via legacy API keys will start to be rejected after this point in time.

# Does this affect me?

This update only affects Workspaces created before 11th January 2023.

Workspaces created after 11th January 2023 are not affected by this update. These workspaces will not have legacy API clients or client roles.

# Can I continue to use the legacy API key?

Applications currently using API key and email authentication will continue to work. Workato will support the legacy authentication method until January 1, 2024.

However, you will not be able to view the legacy API key anymore, which keeps in line with industry standards for token security. To create new automations using Workato API, create a new API token or regenerate the API token.

Start using API clients for authenticating with Workato API.

# Where can i manage the legacy API key

The legacy API key will be will be moved to Workspace access (opens new window) (For EU Data Center (opens new window)). A legacy API client and client role will be created with the same permissions.

  • API client

  • Name: Migrated API client

    This API token powering this client is your legacy API key. This client is assigned the following client role.

  • Client role

  • Name: Admin

Workspaces with Environments

For workspaces with environments, separate API clients are created for each environment you have configured.

Migrated API client - {Environment name}

# Migrating to API Clients

Since migrated API clients cannot be regenerated and you will need to create new API tokens start by creating a new API client and client role. Take note that requests using new API tokens are sent in Authorization: Bearer headers instead of x-user-token and x-user-email headers.

For custom connectors that use legacy API keys and emails - such as our embedded connector or connectors from our accelerators - reach out to our support teams to receive support. Enhancements to these connectors will be released to support new API client authentication.

# Deleting the migrated legacy API key

Deleting your legacy migrated API client will immediately remove access for this API client.

This will revoke access for all applications using the legacy API key and email.

Delete legacy API Client

Deleting the API token will immediately revoke all access to all applications using the legacy API key and email authentication.

Workato recommends creating and distributing a new API token for future usage.

Last updated: 8/1/2023, 5:00:18 AM