Use Client Applications and API keys to authenticate against the public awork API—whether you’re building your own app, an integration, or connecting Business Intelligence tools (BI / Analytics).
Important: Because the awork API is public, you must authenticate appropriately.
Key benefits and use cases
Pick the authentication setup that matches what you’re building:
User login with user rights for apps where each user signs in with their own awork account and permissions apply
API key without user reference (admin rights) for analytics, interfaces, and similar use cases where a user login is not required
Build custom apps and integrations using the awork API as the same foundation the web app uses
How to use Client Applications and API Keys
awork supports two common approaches—choose the one that fits your scenario.
Create a Client Application for user login (OAuth 2.0)
Use this if users should log in to your app/integration with their own awork account.
Tip: User login is the right choice when user rights management should take effect (via OAuth 2.0).
Navigate to Settings.
Open the Integration section and go to API clients.
Click + API Client.
Enter a name and a client id (this id must be unique).
Add a Redirect URL (see Developer Resources for details).
Click Save.
After saving, copy the client secret and keep it safe.
Use the client id and client secret to build your OAuth 2.0 login so users can authenticate with their awork account.
Check out our Developer Resources to learn more about OAuth 2.0 login.
Create an API key without user authentication
Use this if you just need an API key to query data or power an integration where a user login doesn’t matter.
Navigate to Settings.
Open the Integration section and go to API clients.
Click + API Client to create a new client application.
Set a name and a client id (this id must be unique).
Click Save.
Find your new application in the list of client applications.
Click the three dots icon and select Manage API Key.
Click + to add a new API key.
Click the small key icon on the right side to copy the API key.
Keep the API key safe and use it for your integration or data query.
Use the Developer Resources to learn how to work with the API key.
Note: In this scenario, the redirect URL is not relevant because only the API key is needed.
For details on generating an API key without user reference with admin rights, see Authentication: API key.
Best practices and support
Store secrets and API keys safely after copying them
Use a unique client id when creating a client application
Use Developer Resources for OAuth 2.0 and API key implementation details
FAQ
What’s the difference between a client application and an API key?
What’s the difference between a client application and an API key?
A Client Application is created in awork to support authentication. Depending on your use case, it can be used for user login (OAuth 2.0) or to generate an API key for querying data and integrations.
When should I use user login (OAuth 2.0)?
When should I use user login (OAuth 2.0)?
Use it when users should log in with their own awork account and user rights management should apply.
Do I need a Redirect URL?
Do I need a Redirect URL?
For user login (OAuth 2.0), you add a Redirect URL (see Developer Resources for details). If you only need an API key, the redirect URL is not relevant.
What are the Client ID and Client Secret?
What are the Client ID and Client Secret?
When creating a Client Application, you define a unique Client ID. After saving the application, you will receive the Client Secret, which you should copy and store securely.
Where do I create client applications in awork?
Where do I create client applications in awork?
Go to Settings → Integrations and go to API clients.
Where can I learn more about API authentication?
Where can I learn more about API authentication?
Use the Developer Resources. For API key specifics, see Authentication: API key.
