Access Token in Query Parameter Deprecation: Support for authentication using access tokens in a query parameter of a Marketo Engage REST API call will be removed in a future release (specific date TBD). Existing integrations should migrate to usage of the Authorization header described here. New development should only use the Authorization header for authentication with Marketo Engage.
This is from the Marketo Release Notes in July. The date of this change seems to be June 30th 2025.
My question now: How exactly does my webhook custom header need to look like? It works for me in Postman, as Postman seems to encode automatically to Base64, but how I do that in Marketo?
Thanks!
Michael
Solved! Go to Solution.
That doesn’t change.
The access token is already header-safe. You don’t (and should not) encode it. Just add the header:
Authorization: Bearer <token here>
Ah, sorry, I meant the call that retrieves the bearer token. How do I replace this in the new world:
GET <Identity URL>/oauth/token?grant_type=client_credentials&client_id=<Client Id>&client_secret=<Client Secret>
Oh, thank you very much, Sanford. I misread the article.